NewsKansas City Public Safety

Actions

DOJ: 3 Russian government employees targeted Kansas nuclear plant in hacking campaign during 2012-18

3 Russian employees
Wolf Creek Nuclear Power Plant.jpg
Posted
and last updated

KANSAS CITY, Mo. — The United States Department of Justice unsealed two indictments against a total of four Russian government employees Thursday, three of which face charges involving an alleged attack on Wolf Creek Nuclear Operating Corporation in Burlington, Kansas.

Pavel Aleksandrovich Akulov, Mikhail Mikhaillovich Ga Vrilov and Marat V Aleryevich Tyukov all face 21 charges related to the hacking campaign. The trio learned of the charges in August 2021.

According to the United State Department of Justice, the campaign involved two phases.

RELATED | Read the DOJ indictment

The Wolf Creek Generating Station — the first nuclear power plant in Kansas, which became operational in 1985 and provides nearly 20% of Kansas' net power generation — was targeted in the second phase.

According to the DOJ, the second phase took place between 2014 and 2017 and was referred to as "Dragonfly 2.0."

During this phase, the three accused hackers focused on energy sector entities and individual engineers who worked with ICS/SCADA systems.

The DOJ said the tactics used spearphishing attacks and targeted more than 3,300 users at more than 500 U.S. and international companies.

They were successful in doing so at Wolf Creek, which produces nearly 1,200 megawatts of electricity, and compromised the plant's business networks.

In some instances, the three allegedly sent emails pretending to be fictitious employees to Wolf Creek.

They claimed to be job seekers with experience in critical infrastructure tools and protocols.

The trio were officers at the Federal Security Service, an intelligence and law enforcement agency headquartered in Moscow, Russia.

Listed below are the charges Akulov, Vrilov and Tyukov are facing:

  • Conspiracy to cause damage to the property of an energy facility (one count)
  • Computer fraud; unlawful access to obtain information from protected computers (two counts)
  • Computer fraud; damage to protected computers (three counts)
  • Wire fraud conspiracy (one count)
  • Wire fraud (nine counts)
  • Aggravated identity theft (one count)

Evergy owns 94% and the Kansas Electric Power Cooperative owns the remaining 6% of Wolf Creek, which took eight years to build.

A 2017 KSHB 41 story appears to have hinted at the Russian operation. At the time, the FBI and Department of Homeland Security issued a statement that there was no threat to public safety.