In a significant development, a federal grand jury in San Francisco has issued an indictment against two individuals for their involvement in a sophisticated hacking campaign. The indictment alleges that these individuals, Ruslan Aleksandrovich Peretyatko and Andrey Stanislavovich Korinets, along with other unnamed conspirators, targeted computer networks in the United States, the United Kingdom, other NATO member countries, and Ukraine. It is believed that their actions were carried out at the behest of the Russian government.

The indictment, unsealed on Tuesday, reveals that the accused perpetrators employed a highly sophisticated spear-phishing campaign to gain unauthorized access to victims' computers and email accounts. Peretyatko, an officer in Russia's Federal Security Service (FSB) Center 18, and Korinets allegedly orchestrated this cyber espionage activity, aimed at accessing sensitive information and disrupting democratic processes.

Assistant Attorney General Matthew G. Olsen of the Justice Department's National Security Division highlighted the ongoing threat posed by the Russian government's targeting of critical networks in the United States and its allies. He further emphasized the commitment of the Department of Justice to disrupt these activities and hold individuals accountable for their actions.

U.S. Attorney Ismail J. Ramsey for the Northern District of California expressed gratitude to the various partners involved in addressing these cyber threats, stressing the need for a coordinated international response. The aim is to deter conspirators and underscore that the entire United States government is united in combating such acts of cyber espionage, particularly those seeking government information and intending to disrupt democratic processes.

Assistant Director Bryan Vorndran of the FBI's Cyber Division strongly condemned the targeted malicious activity conducted by Russia. He vowed that the FBI will take decisive action to prevent and disrupt such criminal acts perpetuated by the nation-state.

According to the indictment, the conspiracy, known publicly as the "Callisto Group," targeted individuals connected to the U.S. Intelligence Community, the Department of Defense, the Department of State, defense contractors, and Department of Energy facilities between 2016 and 2022. The indictment further alleges that the group also targeted military and government officials, think tank researchers, staff, and journalists in the United Kingdom and elsewhere. Notably, some of the information obtained from targeted accounts was leaked to the press in Russia and the United Kingdom ahead of the U.K. elections in 2019.

The indictment reveals that the hackers utilized various tactics, including posing as personal or work-related email accounts of the victims. They also sent deceptive emails, designed to appear as if they were from email providers, claiming that users had violated terms of service. These tactics were employed to trick victims into disclosing their email account credentials, thereby enabling the perpetrators to gain unlimited access to their email accounts.

In addition to the indictment, the U.S. Department of the Treasury's Office of Foreign Assets Control (OFAC) has imposed sanctions on Peretyatko and Korinets for their involvement in malicious cyber-enabled activity. The United Kingdom has also issued its own sanctions, while the U.S. Department of State has announced rewards of up to $10 million for information leading to the identification or location of the accused individuals and their co-conspirators.

The investigation into this hacking campaign was a joint effort by the U.S. Attorney's Office for the Northern District of California, the National Security Cyber Section of the Justice Department's National Security Division, and the FBI San Francisco Field Office. The FBI's Cyber Division, along with its Cyber Assistant Legal Attachés and Legal Attachés stationed worldwide, provided invaluable support. The investigation was further aided by the cooperation of numerous victims who provided crucial assistance.

The indictment serves as an allegation, and both defendants are presumed innocent until proven guilty in a court of law. However, this development underscores the ongoing need for robust cybersecurity measures and international cooperation to counter cyber threats that pose a significant challenge to democratic processes and national security.

Source: U.S. Department of Justice - Office of Public Affairs