{"id":45911,"date":"2022-03-28T14:37:27","date_gmt":"2022-03-28T14:37:27","guid":{"rendered":"https:\/\/packetstormsecurity.com\/news\/view\/33261\/Feds-Allege-Destructive-Russian-Hackers-Targeted-US-Oil-Refineries.html"},"modified":"2022-03-28T14:37:27","modified_gmt":"2022-03-28T14:37:27","slug":"feds-allege-destructive-russian-hackers-targeted-us-oil-refineries","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/feds-allege-destructive-russian-hackers-targeted-us-oil-refineries\/","title":{"rendered":"Feds Allege Destructive Russian Hackers Targeted US Oil Refineries"},"content":{"rendered":"<figure class=\"intro-image intro-left\"> <img decoding=\"async\" src=\"https:\/\/cdn.arstechnica.net\/wp-content\/uploads\/2019\/04\/oil-refinery-800x534.jpg\" alt=\"Critical infrastructure sites such as this oil refinery in Port Arthur, Texas, rely on safety systems.\"><figcaption class=\"caption\">\n<div class=\"caption-text\"><a href=\"https:\/\/cdn.arstechnica.net\/wp-content\/uploads\/2019\/04\/oil-refinery.jpg\" class=\"enlarge-link\" data-height=\"667\" data-width=\"1000\">Enlarge<\/a> <span class=\"sep\">\/<\/span> Critical infrastructure sites such as this oil refinery in Port Arthur, Texas, rely on safety systems.<\/div>\n<\/figcaption><\/figure>\n<aside id=\"social-left\" class=\"social-left\" aria-label=\"Read the comments or share this article\"> <a title=\"52 posters participating\" class=\"comment-count icon-comment-bubble-down\" href=\"https:\/\/arstechnica.com\/tech-policy\/2022\/03\/feds-allege-destructive-russian-hackers-targeted-us-oil-refineries\/?comments=1\"> <\/p>\n<h4 class=\"comment-count-before\">reader comments<\/h4>\n<p> <span class=\"comment-count-number\">75<\/span> <span class=\"visually-hidden\"> with 52 posters participating<\/span> <\/a> <\/p>\n<div class=\"share-links\">\n<h4>Share this story<\/h4>\n<\/p><\/div>\n<\/aside>\n<p> <!-- cache hit 179:single\/related:6275a2c611104194ed3799a2a3fd2979 --><!-- empty --><\/p>\n<p>For years, the hackers behind the malware known as Triton or Trisis have stood out as a uniquely dangerous threat to critical infrastructure: a group of digital intruders who attempted to sabotage industrial safety systems, with physical, potentially catastrophic results. Now the US Department of Justice has put a name to one of the hackers in that group\u2014and confirmed the hackers&#8217; targets included a US company that owns multiple oil refineries.<\/p>\n<p>On Thursday, just days after the White House warned of potential cyberattacks on US critical infrastructure by the Russian government in retaliation for new sanctions against the country, the Justice Department unsealed a pair of indictments that together outline a years-long campaign of Russian hacking of US energy facilities. In one set of charges, filed in August 2021, authorities name three officers of Russia&#8217;s FSB intelligence agency accused of being members of a <a href=\"https:\/\/www.wired.com\/story\/berserk-bear-russia-infrastructure-hacking\/\">notorious hacking group known as Berserk Bear, Dragonfly 2.0, or Havex<\/a>, known for targeting electrical utilities and other critical infrastructure worldwide, and widely suspected of working in the service of the Russian government.<\/p>\n<figure class=\"image shortcode-img right full\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/cdn.arstechnica.net\/wp-content\/uploads\/2019\/02\/wired-logo.png\" width=\"218\" height=\"58\"><\/figure>\n<p>The second indictment, filed in June 2021, levels charges against a member of an arguably more dangerous team of hackers: a Russian group known variously as the Triton or Trisis actor, Xenotime or Temp.Veles. That second group didn&#8217;t merely target energy infrastructure worldwide but also took the rare step of inflicting real disruption in the <a href=\"https:\/\/www.eenews.net\/articles\/the-inside-story-of-the-worlds-most-dangerous-malware\/\">Saudi oil refinery Petro Rabigh in 2017<\/a>, infecting its networks with potentially destructive malware, and\u2014the indictment alleges for the first time\u2014attempting to break into a US oil-refining company with what appeared to be similar intentions. At the same time, a new advisory from the FBI cyber division warns that Triton &#8220;remains [a] threat,&#8221; and that the hacker group associated with it &#8220;continues to conduct activity targeting the global energy sector.&#8221; <\/p>\n<aside class=\"ad_wrapper\" aria-label=\"In Content advertisement\"> <span class=\"ad_notice\">Advertisement <\/span> <\/aside>\n<figure class=\"image shortcode-img center large\"><a href=\"https:\/\/cdn.arstechnica.net\/wp-content\/uploads\/2022\/03\/wanted.jpg\" class=\"enlarge\" data-height=\"1269\" data-width=\"1600\" alt=\"Gladkikh and alleged co-conspirators at a Russian research institute are accused of being members of the uniquely dangerous Triton hacker group.\"><img loading=\"lazy\" decoding=\"async\" alt=\"Gladkikh and alleged co-conspirators at a Russian research institute are accused of being members of the uniquely dangerous Triton hacker group.\" src=\"https:\/\/cdn.arstechnica.net\/wp-content\/uploads\/2022\/03\/wanted-640x508.jpg\" width=\"640\" height=\"508\" srcset=\"https:\/\/cdn.arstechnica.net\/wp-content\/uploads\/2022\/03\/wanted-1280x1015.jpg 2x\"><\/a><figcaption class=\"caption\">\n<div class=\"caption-text\"><a href=\"https:\/\/cdn.arstechnica.net\/wp-content\/uploads\/2022\/03\/wanted.jpg\" class=\"enlarge-link\" data-height=\"1269\" data-width=\"1600\">Enlarge<\/a> <span class=\"sep\">\/<\/span> Gladkikh and alleged co-conspirators at a Russian research institute are accused of being members of the uniquely dangerous Triton hacker group.<\/div>\n<\/figcaption><\/figure>\n<p>The indictment of Evgeny Viktorovich Gladkikh, a staffer at the Moscow-based Kremlin-linked Central Scientific Research Institute of Chemistry and Mechanics (typically abbreviated TsNIIKhM), charges him and unnamed co-conspirators with developing the Triton malware and deploying it to sabotage Petro Rabigh&#8217;s so-called safety instrumented systems, sabotaging equipment intended to automatically monitor for and respond to unsafe conditions. The hacking of those safety systems could have led to disastrous leaks or explosions but instead triggered a fail-safe mechanism that twice shut down the Saudi plant&#8217;s operations. Prosecutors also suggest that Gladkikh and his collaborators appear to have tried to inflict a similar disruption on a specific but unnamed US oil refining firm, but failed.<\/p>\n<p>&#8220;Now we have confirmation from the government,&#8221; says Joe Slowik, a researcher at security firm Gigamon who analyzed the Triton malware when it first appeared and has tracked the hackers behind it for years. &#8220;We have an entity that was playing around with a safety-instrumented system in a high-risk environment. And to try to do that not just in Saudi Arabia, but in the United States, is concerning.&#8221;<\/p>\n<p> READ MORE <a href=\"https:\/\/packetstormsecurity.com\/news\/view\/33261\/Feds-Allege-Destructive-Russian-Hackers-Targeted-US-Oil-Refineries.html\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>READ MORE HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":45912,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[277],"tags":[9459],"class_list":["post-45911","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity-blogs","tag-headlinehackergovernmentusarussiacyberwarscada"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.5 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Feds Allege Destructive Russian Hackers Targeted US Oil Refineries 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/feds-allege-destructive-russian-hackers-targeted-us-oil-refineries\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Feds Allege Destructive Russian Hackers Targeted US Oil Refineries 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/feds-allege-destructive-russian-hackers-targeted-us-oil-refineries\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2022-03-28T14:37:27+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/cdn.arstechnica.net\/wp-content\/uploads\/2019\/04\/oil-refinery-800x534.jpg\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/feds-allege-destructive-russian-hackers-targeted-us-oil-refineries\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/feds-allege-destructive-russian-hackers-targeted-us-oil-refineries\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"Feds Allege Destructive Russian Hackers Targeted US Oil Refineries\",\"datePublished\":\"2022-03-28T14:37:27+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/feds-allege-destructive-russian-hackers-targeted-us-oil-refineries\\\/\"},\"wordCount\":546,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/feds-allege-destructive-russian-hackers-targeted-us-oil-refineries\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2022\\\/03\\\/feds-allege-destructive-russian-hackers-targeted-us-oil-refineries.jpg\",\"keywords\":[\"headline,hacker,government,usa,russia,cyberwar,scada\"],\"articleSection\":[\"CyberSecurity Blogs\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/feds-allege-destructive-russian-hackers-targeted-us-oil-refineries\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/feds-allege-destructive-russian-hackers-targeted-us-oil-refineries\\\/\",\"name\":\"Feds Allege Destructive Russian Hackers Targeted US Oil Refineries 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/feds-allege-destructive-russian-hackers-targeted-us-oil-refineries\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/feds-allege-destructive-russian-hackers-targeted-us-oil-refineries\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2022\\\/03\\\/feds-allege-destructive-russian-hackers-targeted-us-oil-refineries.jpg\",\"datePublished\":\"2022-03-28T14:37:27+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/feds-allege-destructive-russian-hackers-targeted-us-oil-refineries\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/feds-allege-destructive-russian-hackers-targeted-us-oil-refineries\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/feds-allege-destructive-russian-hackers-targeted-us-oil-refineries\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2022\\\/03\\\/feds-allege-destructive-russian-hackers-targeted-us-oil-refineries.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2022\\\/03\\\/feds-allege-destructive-russian-hackers-targeted-us-oil-refineries.jpg\",\"width\":800,\"height\":534},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/feds-allege-destructive-russian-hackers-targeted-us-oil-refineries\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"headline,hacker,government,usa,russia,cyberwar,scada\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/tag\\\/headlinehackergovernmentusarussiacyberwarscada\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Feds Allege Destructive Russian Hackers Targeted US Oil Refineries\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Feds Allege Destructive Russian Hackers Targeted US Oil Refineries 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/feds-allege-destructive-russian-hackers-targeted-us-oil-refineries\/","og_locale":"en_US","og_type":"article","og_title":"Feds Allege Destructive Russian Hackers Targeted US Oil Refineries 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/feds-allege-destructive-russian-hackers-targeted-us-oil-refineries\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2022-03-28T14:37:27+00:00","og_image":[{"url":"https:\/\/cdn.arstechnica.net\/wp-content\/uploads\/2019\/04\/oil-refinery-800x534.jpg","type":"","width":"","height":""}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/feds-allege-destructive-russian-hackers-targeted-us-oil-refineries\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/feds-allege-destructive-russian-hackers-targeted-us-oil-refineries\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"Feds Allege Destructive Russian Hackers Targeted US Oil Refineries","datePublished":"2022-03-28T14:37:27+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/feds-allege-destructive-russian-hackers-targeted-us-oil-refineries\/"},"wordCount":546,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/feds-allege-destructive-russian-hackers-targeted-us-oil-refineries\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2022\/03\/feds-allege-destructive-russian-hackers-targeted-us-oil-refineries.jpg","keywords":["headline,hacker,government,usa,russia,cyberwar,scada"],"articleSection":["CyberSecurity Blogs"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/feds-allege-destructive-russian-hackers-targeted-us-oil-refineries\/","url":"https:\/\/www.threatshub.org\/blog\/feds-allege-destructive-russian-hackers-targeted-us-oil-refineries\/","name":"Feds Allege Destructive Russian Hackers Targeted US Oil Refineries 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/feds-allege-destructive-russian-hackers-targeted-us-oil-refineries\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/feds-allege-destructive-russian-hackers-targeted-us-oil-refineries\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2022\/03\/feds-allege-destructive-russian-hackers-targeted-us-oil-refineries.jpg","datePublished":"2022-03-28T14:37:27+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/feds-allege-destructive-russian-hackers-targeted-us-oil-refineries\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/feds-allege-destructive-russian-hackers-targeted-us-oil-refineries\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/feds-allege-destructive-russian-hackers-targeted-us-oil-refineries\/#primaryimage","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2022\/03\/feds-allege-destructive-russian-hackers-targeted-us-oil-refineries.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2022\/03\/feds-allege-destructive-russian-hackers-targeted-us-oil-refineries.jpg","width":800,"height":534},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/feds-allege-destructive-russian-hackers-targeted-us-oil-refineries\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"headline,hacker,government,usa,russia,cyberwar,scada","item":"https:\/\/www.threatshub.org\/blog\/tag\/headlinehackergovernmentusarussiacyberwarscada\/"},{"@type":"ListItem","position":3,"name":"Feds Allege Destructive Russian Hackers Targeted US Oil Refineries"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/45911","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=45911"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/45911\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media\/45912"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=45911"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=45911"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=45911"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}