{"id":45882,"date":"2022-03-25T23:00:00","date_gmt":"2022-03-25T23:00:00","guid":{"rendered":"https:\/\/www.darkreading.com\/attacks-breaches\/indictment-against-russian-national-offers-glimpse-into-methodical-targeting-of-energy-firm"},"modified":"2022-03-25T23:00:00","modified_gmt":"2022-03-25T23:00:00","slug":"indictment-of-russian-national-offers-glimpse-into-methodical-targeting-of-energy-firm","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/indictment-of-russian-national-offers-glimpse-into-methodical-targeting-of-energy-firm\/","title":{"rendered":"Indictment of Russian National Offers Glimpse Into Methodical Targeting of Energy Firm"},"content":{"rendered":"<div><img decoding=\"async\" src=\"https:\/\/eu-images.contentstack.com\/v3\/assets\/blt66983808af36a8ef\/blt7fa0a66be9c24994\/623e2853961f920d3475a3b6\/refinery_Red_ivory_shutterstock.jpg\" class=\"ff-og-image-inserted\"><\/div>\n<p>A 2021 indictment that was unsealed this week against a Russian national for allegedly attacking an oil refinery in Saudi Arabia in 2017 has provided a glimpse into the methodical \u2014 and sometimes chilling \u2014 rigor that state-backed actors can put into breaching target networks and systems.<\/p>\n<p>Details contained in the indictment also showed how actors can leverage their access on an organization&#8217;s IT network to make their way into OT networks and business-critical industrial control system environments.<\/p>\n<p>The US government Thursday unsealed a three-count indictment charging Russian national Evgeny Viktorovich Gladkikh and unnamed co-conspirators for their role in a 2017 attack that twice triggered emergency shutdowns of an oil refinery in Saudi Arabia. Gladkikh and his partners are accused of attempting to cause physical damage to the energy facility and of intentionally damaging systems controlling critical safety equipment at the site. The indictment was one of two the <a href=\"https:\/\/www.darkreading.com\/attacks-breaches\/russian-state-sponsored-hackers-behind-epic-trisis-attack-indicted-for-targeting-energy-firms\" target=\"_blank\" rel=\"noopener\">US government unsealed<\/a> this week. The second involved three Russian Federal Security Service officers who allegedly were behind a long-running series of cyberattacks against organizations in the energy sector.<\/p>\n<p>Gladkikh&#8217;s attacks garnered <a href=\"https:\/\/www.darkreading.com\/attacks-breaches\/triton-trisis-attack-was-more-widespread-than-publicly-known\" target=\"_blank\" rel=\"noopener\">considerable attention<\/a> when they happened because they involved the use of malware \u2014 which some have dubbed Triton and others Trisis \u2014 specifically designed to cause catastrophic damage to an industrial plant. The malware targeted specific models of a safety instrumentation system (SIS) called Triconex from Schneider Electric that the plant was using at the time to monitor systems responsible for tasks like burn management and sulfur recovery. A malfunction of those systems could have resulted in explosions and the release of toxic gases at the facility.<\/p>\n<p>Details in the <a href=\"https:\/\/www.justice.gov\/opa\/press-release\/file\/1486831\/download\" target=\"_blank\" rel=\"noopener\">indictment<\/a> show that Gladkikh and his partners \u2014 using resources from an outfit associated with Russia&#8217;s Ministry of Defense \u2014 systematically targeted systems at the oil refinery to try to plant Triton on the facility&#8217;s Triconex systems. The four-month campaign began in May 2017 when Gladkikh gained initial access to the energy company&#8217;s IT network. The indictment did not provide details on how he might have gained that initial foothold.<\/p>\n<p>He, along with partners, then went about systematically gathering technical log files on the Triconex systems while also trying to disable cybersecurity controls that were designed to prevent unauthorized access to the systems.<\/p>\n<p>As part of his effort to familiarize himself with the Triconex environment, Gladkikh accessed historical log data on the systems stored in the refinery&#8217;s data historian servers. These are <a href=\"https:\/\/c3.ai\/glossary\/features\/data-historian\/\" target=\"_blank\" rel=\"noopener\">systems<\/a> connected to an organization&#8217;s control system environment that are responsible for collecting, storing, and logging data from there. He then used the historian server \u2014 and stolen credentials \u2014 as a gateway to remotely access an engineering workstation that was part of the refinery&#8217;s distributed control system environment, which typically serves as a bridge between an organization&#8217;s IT and OT environment.<\/p>\n<p>In this case, the workstation that Gladkikh and his partners broke into was connected to the Saudi energy company&#8217;s Triconex safety instrumentation systems.<\/p>\n<p><strong>Extensive Reconnaissance<\/strong><br \/>He then proceeded to install a backdoor on the workstation to ensure continued access to it, and once again methodically went about trying to understand the protocols that the system used to communicate with the connected Triconex systems. In the process, Gladkikh and his accomplices discovered that some Triconex systems were configured in such a way that they required a physical key to be turned to a &#8220;program&#8221; mode before new code could be introduced to the devices. But some systems \u2014 it&#8217;s unclear how many \u2014 were running in program mode.<\/p>\n<p>Gladkikh found one of those devices \u2014 connected to systems handling tasks like sulfur recovery and burn management \u2014 and proceeded to install an early version of Triton on it. But safety controls in the SIS quickly caught the malicious code and in minutes initiated an emergency shutdown of the oil refinery.<\/p>\n<p>Several weeks later, Gladkikh and his conspirators installed credential-harvesting malware on the historian server and later installed an updated version of Triton on another Triconex SIS that was also set to run in program mode. The malware this time was specifically designed and customized to run on the specific model of Triconex devices, and in a matter of hours it had copied itself to other Triconex devices. But as happened the first time, a Triconex safety feature spotted something amiss and triggered a second emergency shutdown of the refinery.<\/p>\n<p>In a somewhat chilling demonstration of attacker persistence, Gladkikh got back on the energy company&#8217;s IT network several weeks later and this time broke into a file server containing business records. The goal was to find information on how the refinery had responded to the emergency shutdown, presumably so he could use that information to make recovery harder next time.<\/p>\n<p> The US indictment alleged that while Gladkikh&#8217;s malware triggered emergency shutdowns, his real goal was to cause extensive damage to the facility. The indictment alleged that the Russian operative and his partners had obtained the knowledge to disable or disturb the Saudi plant&#8217;s safety shutdown procedures in such a way as to cause catastrophic plant failure.<\/p>\n<p>Read More <a href=\"https:\/\/www.darkreading.com\/attacks-breaches\/indictment-against-russian-national-offers-glimpse-into-methodical-targeting-of-energy-firm\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Evgeny Viktorovich Gladkikh tried to cause catastrophic damage to Saudi oil refinery in 2017 via the Triton\/Trisis malware, the US has alleged.Read More <a href=\"https:\/\/www.darkreading.com\/attacks-breaches\/indictment-against-russian-national-offers-glimpse-into-methodical-targeting-of-energy-firm\">HERE<\/a><\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[151],"tags":[],"class_list":["post-45882","post","type-post","status-publish","format-standard","hentry","category-darkreading-ti"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.6 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Indictment of Russian National Offers Glimpse Into Methodical Targeting of Energy Firm 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/indictment-of-russian-national-offers-glimpse-into-methodical-targeting-of-energy-firm\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Indictment of Russian National Offers Glimpse Into Methodical Targeting of Energy Firm 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/indictment-of-russian-national-offers-glimpse-into-methodical-targeting-of-energy-firm\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2022-03-25T23:00:00+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/eu-images.contentstack.com\/v3\/assets\/blt66983808af36a8ef\/blt7fa0a66be9c24994\/623e2853961f920d3475a3b6\/refinery_Red_ivory_shutterstock.jpg\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/indictment-of-russian-national-offers-glimpse-into-methodical-targeting-of-energy-firm\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/indictment-of-russian-national-offers-glimpse-into-methodical-targeting-of-energy-firm\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"Indictment of Russian National Offers Glimpse Into Methodical Targeting of Energy Firm\",\"datePublished\":\"2022-03-25T23:00:00+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/indictment-of-russian-national-offers-glimpse-into-methodical-targeting-of-energy-firm\\\/\"},\"wordCount\":852,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/indictment-of-russian-national-offers-glimpse-into-methodical-targeting-of-energy-firm\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/eu-images.contentstack.com\\\/v3\\\/assets\\\/blt66983808af36a8ef\\\/blt7fa0a66be9c24994\\\/623e2853961f920d3475a3b6\\\/refinery_Red_ivory_shutterstock.jpg\",\"articleSection\":[\"DarkReading |TI\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/indictment-of-russian-national-offers-glimpse-into-methodical-targeting-of-energy-firm\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/indictment-of-russian-national-offers-glimpse-into-methodical-targeting-of-energy-firm\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/indictment-of-russian-national-offers-glimpse-into-methodical-targeting-of-energy-firm\\\/\",\"name\":\"Indictment of Russian National Offers Glimpse Into Methodical Targeting of Energy Firm 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/indictment-of-russian-national-offers-glimpse-into-methodical-targeting-of-energy-firm\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/indictment-of-russian-national-offers-glimpse-into-methodical-targeting-of-energy-firm\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/eu-images.contentstack.com\\\/v3\\\/assets\\\/blt66983808af36a8ef\\\/blt7fa0a66be9c24994\\\/623e2853961f920d3475a3b6\\\/refinery_Red_ivory_shutterstock.jpg\",\"datePublished\":\"2022-03-25T23:00:00+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/indictment-of-russian-national-offers-glimpse-into-methodical-targeting-of-energy-firm\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/indictment-of-russian-national-offers-glimpse-into-methodical-targeting-of-energy-firm\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/indictment-of-russian-national-offers-glimpse-into-methodical-targeting-of-energy-firm\\\/#primaryimage\",\"url\":\"https:\\\/\\\/eu-images.contentstack.com\\\/v3\\\/assets\\\/blt66983808af36a8ef\\\/blt7fa0a66be9c24994\\\/623e2853961f920d3475a3b6\\\/refinery_Red_ivory_shutterstock.jpg\",\"contentUrl\":\"https:\\\/\\\/eu-images.contentstack.com\\\/v3\\\/assets\\\/blt66983808af36a8ef\\\/blt7fa0a66be9c24994\\\/623e2853961f920d3475a3b6\\\/refinery_Red_ivory_shutterstock.jpg\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/indictment-of-russian-national-offers-glimpse-into-methodical-targeting-of-energy-firm\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Indictment of Russian National Offers Glimpse Into Methodical Targeting of Energy Firm\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Indictment of Russian National Offers Glimpse Into Methodical Targeting of Energy Firm 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/indictment-of-russian-national-offers-glimpse-into-methodical-targeting-of-energy-firm\/","og_locale":"en_US","og_type":"article","og_title":"Indictment of Russian National Offers Glimpse Into Methodical Targeting of Energy Firm 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/indictment-of-russian-national-offers-glimpse-into-methodical-targeting-of-energy-firm\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2022-03-25T23:00:00+00:00","og_image":[{"url":"https:\/\/eu-images.contentstack.com\/v3\/assets\/blt66983808af36a8ef\/blt7fa0a66be9c24994\/623e2853961f920d3475a3b6\/refinery_Red_ivory_shutterstock.jpg","type":"","width":"","height":""}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/indictment-of-russian-national-offers-glimpse-into-methodical-targeting-of-energy-firm\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/indictment-of-russian-national-offers-glimpse-into-methodical-targeting-of-energy-firm\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"Indictment of Russian National Offers Glimpse Into Methodical Targeting of Energy Firm","datePublished":"2022-03-25T23:00:00+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/indictment-of-russian-national-offers-glimpse-into-methodical-targeting-of-energy-firm\/"},"wordCount":852,"commentCount":0,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/indictment-of-russian-national-offers-glimpse-into-methodical-targeting-of-energy-firm\/#primaryimage"},"thumbnailUrl":"https:\/\/eu-images.contentstack.com\/v3\/assets\/blt66983808af36a8ef\/blt7fa0a66be9c24994\/623e2853961f920d3475a3b6\/refinery_Red_ivory_shutterstock.jpg","articleSection":["DarkReading |TI"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.threatshub.org\/blog\/indictment-of-russian-national-offers-glimpse-into-methodical-targeting-of-energy-firm\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/indictment-of-russian-national-offers-glimpse-into-methodical-targeting-of-energy-firm\/","url":"https:\/\/www.threatshub.org\/blog\/indictment-of-russian-national-offers-glimpse-into-methodical-targeting-of-energy-firm\/","name":"Indictment of Russian National Offers Glimpse Into Methodical Targeting of Energy Firm 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/indictment-of-russian-national-offers-glimpse-into-methodical-targeting-of-energy-firm\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/indictment-of-russian-national-offers-glimpse-into-methodical-targeting-of-energy-firm\/#primaryimage"},"thumbnailUrl":"https:\/\/eu-images.contentstack.com\/v3\/assets\/blt66983808af36a8ef\/blt7fa0a66be9c24994\/623e2853961f920d3475a3b6\/refinery_Red_ivory_shutterstock.jpg","datePublished":"2022-03-25T23:00:00+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/indictment-of-russian-national-offers-glimpse-into-methodical-targeting-of-energy-firm\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/indictment-of-russian-national-offers-glimpse-into-methodical-targeting-of-energy-firm\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/indictment-of-russian-national-offers-glimpse-into-methodical-targeting-of-energy-firm\/#primaryimage","url":"https:\/\/eu-images.contentstack.com\/v3\/assets\/blt66983808af36a8ef\/blt7fa0a66be9c24994\/623e2853961f920d3475a3b6\/refinery_Red_ivory_shutterstock.jpg","contentUrl":"https:\/\/eu-images.contentstack.com\/v3\/assets\/blt66983808af36a8ef\/blt7fa0a66be9c24994\/623e2853961f920d3475a3b6\/refinery_Red_ivory_shutterstock.jpg"},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/indictment-of-russian-national-offers-glimpse-into-methodical-targeting-of-energy-firm\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"Indictment of Russian National Offers Glimpse Into Methodical Targeting of Energy Firm"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/45882","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=45882"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/45882\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=45882"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=45882"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=45882"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}