Feds sanction Russian hackers who infiltrated Muleshoe, Abernathy municipal water systems

The United States Treasury Department on Friday sanctioned two leaders of a Russian hacker group believed to be responsible for infiltrating the public water system infrastructure of several small South Plains towns earlier this year.

Yuliya Vladimirovna Pankratova and Denis Olegovich Degtyarenko are the leader and chief hacker, respectively, of a "hacktivist" group known as Cyber Army of Russia Reborn (CARR), according to the Treasury . Both have been added to the Treasury Department's sanctions list for their alleged role in the infrastructure hacks.

CARR claimed responsibility for two hacks which caused water storage tanks in Muleshoe and Abernathy to overflow in January, federal authorities said.

In the Muleshoe incident, the town's water tower overflowed for 30 to 45 minutes after the hackers were able to remotely log into an industrial system that allows public works crews to control the tank, CNN reported . Utility operators were able to stop the overflow by switching the tank to manual control and securing the hacked machine.

More: EPA urges water utilities to protect nation's drinking water amid heightened cyberattacks

City officials in Lockney and Hale Center confirmed the hacks in Muleshoe coincided with cybersecurity incidents in their towns. In each case, city managers said hackers tried to infiltrate the water utilities' SCADA system — a network that allows operators to remotely monitor and control water infrastructure.

“CARR and its members’ efforts to target our critical infrastructure represent an unacceptable threat to our citizens and our communities, with potentially dangerous consequences,” Brian E. Nelson, under secretary of the Treasury for terrorism and financial intelligence, said in a news release Friday. “The United States has and will continue to take action, using our full range of tools, to hold accountable these and other individuals for their malicious cyber activities.”

The Treasury Department said CARR "has conducted low-impact, unsophisticated DDoS attacks in Ukraine and against governments and companies located in countries that have supported Ukraine" and began claiming attacks on U.S. and European infrastructure late last year. The group is also believed to be responsible for a hack of the SCADA system of a U.S. energy company.

"In January 2024, CARR claimed responsibility for the overflow of water storage tanks in Abernathy and Muleshoe, Texas, posting video of the manipulation of human-machine interfaces at each facility on a public forum," the news release reads. "The compromise of the industrial control systems resulted in the loss of tens of thousands of gallons of water."

The sanctions generally prohibit U.S. persons, businesses and financial institutions from doing business with Pankratova and Degtyarenko.

This article originally appeared on Lubbock Avalanche-Journal: Feds sanction Russian hackers who infiltrated Muleshoe, Abernathy municipal water systems