A leaked intelligence briefing that emerged over the weekend seems to reveal a hacking episode carried out by a pro-Russian hacktivist group against a major Canadian gas pipeline.
A glut of classified Pentagon documents have poured onto the internet in recent days in what is reputed to be a major leak of American national security secrets. The leaks, the source of which is still unknown, seem to reveal a broad swath of clandestine information — much of which relates to U.S. and NATO efforts to assist Ukraine in its ongoing war with Russia. The document that emerged over the weekend is less directly concerned with the Ukraine conflict itself than it is with the alarming digital powers possessed by Russia and its cyber mercenaries.
The leaked briefing seems to detail intercepted communications between a “pro-Russian hacker group” and an agent of the Federal Security Service, or FSB — Russia’s top intelligence agency, the New York Times initially reported.
The group in question, known as “Zarya,” is reputed to be an offshoot of “Killnet” — the prominent pro-Russian hacktivist group that has been known to target U.S. websites and organisations.
The communications seem to show that Zarya had infiltrated an unnamed Canadian energy company and that the agent had given the hackers instructions about what to do with their access to the gas company’s network. In their chats, the hackers claim the frightening ability to remotely manipulate the unnamed energy project’s industrial controls — including a capacity to “increase valve pressure, disable alarms, and initiate an emergency shutdown of the facility.”
Even more disturbingly, the FSB officer communicated to the hacker group that “a successful operation [against the facility] would cause an explosion” and that the FSB was “monitoring Canadian news reports for indications of an explosion,” cybersecurity journalist Kim Zetter reported. The goal of this supposed operation was to cause a “loss of income for Canadians,” not a “loss of life,” the report states.
Unfortunately, the available reporting does not state which specific company is said to have been targeted, merely referring to it as an “unspecified gas distribution station.”
It’s also unclear whether anything ever happened with this alleged hacking mission — or if the hackers ultimately managed to damage the company in question.
The leaked intel report states that, if the claims of Zarya’s claims of an attack are accurate, “it would mark the first time” that U.S. intelligence has “observed a pro-Russia-hacking group execute a disruptive attack against Western industrial control systems.”
In recent years, concerns over the energy industry’s inadequate cybersecurity protections have seen a sharp uptick. Ever since the ransomware gang DarkSide successfully attacked Colonial Pipeline in 2021, Western governments have sought to bolster digital protections for major oil and gas projects. In March, the Biden administration published its strategic vision for cybersecurity policy, recommending additional security for America’s industrial systems.