The U.S. has put a price on Moscowโs cyber warriors โ and itโs a big one. Washington has announced a reward of up to $10 million for information on three Russian Federal Security Service (FSB) officers accused of launching cyberattacks on U.S. critical infrastructure in one of the most far-reaching cybercrime cases to date.
The suspects โ Marat Valeryevich Tyukov, Mikhail Mikhailovich Gavrilov, and Pavel Aleksandrovich Akulov โ were working under the FSBโs Center 16, a cyber unit better known in cybersecurity expert circles as Berserk Bear, Dragonfly, Blue Kraken, Koala Team, and Crouching Yeti.
They are said to have carried out a decade-long campaign of intrusions into nuclear facilities, oil and gas companies, and critical infrastructure operators worldwide.
A Long History Of Intrusions
Prosecutors say the trio was indicted in 2021 for a hacking campaign dating back nearly a decade. Between 2012 and 2017, they allegedly infiltrated U.S. government agencies such as the Nuclear Regulatory Commission and targeted the Wolf Creek Nuclear Operating Corporation in Burlington, Kansas.
Globally, they allegedly struck more than 500 energy companies across 135 countries, planting malware, stealing credentials, and mapping networks for future sabotage.
“For information on three Russian FSB officers who conducted malicious cyber activities against U.S. critical infrastructure on behalf of the Russian government. These officers also targeted more than 500 foreign energy companies in 135 other countries,” the State Departmentย wrote in a tweetย on Tuesday.
According to the FBI (Federal Bureau of Investigation), the operations of the suspects didnโt stop there. As recently as last year, the hackers were seen exploiting a seven-year-old vulnerability, CVE-2018-0171 โ a critical flaw in the Smart Install feature of Cisco IOS and IOS XE software to break into U.S. critical infrastructure.
While Cisco patched the bug in 2018, the end-of-life devices remain everywhere despite the company’s warning to administrators to upgrade equipment. However, with many organizations still running legacy hardware, the attackers had a ready-made backdoor.
They used this to hijack networking gear across telecoms, universities, manufacturers, and even state and local governments across North America, Europe, Asia, and Africa.
Whatโs Next?
Officials are urging anyone with information to contact the State Departmentโs Rewards for Justice program, even through a Tor-based channel, promising confidentiality, possible relocation, and the multimillion-dollar payout.
The Politics Behind The Bounty
Critics are questioning the timing of the move. The three suspects have been on Washingtonโs radar for years and are unlikely to leave Russia, where they remain shielded from extradition. Thatโs why many analysts view the $10 million bounty as more symbolic than practical โ less about capture and more about sending a message โ a public reminder that Washington is keeping score in the ongoing cyber tug-of-war with Moscow.
Whether symbolic or not, the message is blunt: if you target Americaโs critical systems, the U.S. will put a bounty on your head โ even if you are a spy.
