Father
Professional
- Messages
- 2,602
- Reaction score
- 776
- Points
- 113
I pressed the button and the light went out
An employee of "Rosseti" managed to turn off electricity in 38 settlements of the Vologda region without help, alone, using a personal laptop. The actions of the hacker, who in real life was a 48-year-old engineer of the first category at the time of the crime, led to very serious consequences, because he left not only ordinary residents without electricity. The engineer disrupted the work of several electric power companies.
The attacker managed to pull off the plan with the help of specialized software installed on his personal laptop. He remotely connected to his office computer, after which he got access to the overhead line controllers in Babayevsky, Ustyuzhensky and Sheksninsky municipalities, opened their configuration files and changed the parameters saved in them.
The next step of the almost 50-year-old hacker turned off the overhead lines and artificially caused the controllers to reboot. As a result, other specialists of Rosseti lost the ability to remotely activate air lines disabled by a cybercriminal. This made it difficult to restore the power grid and slowed down the resumption of electricity supply to consumers.
I couldn't hide
The engineer committed his crime on February 18, 2023. According to Tadviser, at that time he worked in PJSC Rosseti North-West. Currently, as indicated on the website of the Prosecutor's Office of the Vologda region, he is a former employee of this organization. How exactly it turned out to establish the identity of the hacker, at the time of the release of the material was not known, but he still could not avoid punishment for what he had done.
A criminal case was initiated against the engineer of the first category under Article 274.1 of the Criminal Code of the Russian Federation (unlawful influence on the critical information infrastructure of Russia (CII)). In this case, he attacked one of the CII objects, which include critical networks and information systems of CII subjects.
CII subjects are government organizations, legal entities, and individual entrepreneurs that own information systems from a number of strategically important industries: transport, telecommunications, banking, nuclear energy, fuel and energy, healthcare, science, metallurgy, defense, rocket and space, and chemical industries. In other words, Rosseti is the subject of the CII, and the electric networks entrusted to the company are the object of the CII.
Instead of a real term, use a conditional one
An employee of "Rosseti", received a sentence that does not correspond to what is prescribed in the current Russian Criminal Code. He managed to avoid a multi-year prison sentence.
The engineer's act was classified as a violation of Part 4 of Article 274.1 of the Criminal Code of the Russian Federation, that is, as unlawful influence on the cue, "committed by a group of persons by prior agreement or an organized group, or by a person using his official position." Such a crime is punishable by imprisonment for a term of three to eight years, with or without the right to hold certain positions or engage in certain activities for a term of up to three years. In other words, the hacker was waiting for prison, but he managed to get off with a suspended sentence.
According to the verdict of the Kirillovsky District Court of the Vologda Region issued at the end of April 2024, the engineer was found guilty under Part 4 of Article 274.1 of the Criminal Code of the Russian Federation. He was sentenced to two years of probation with a suspended sentence of one and a half years. In addition, at the request of the state prosecutor, the laptop from which the hacker disconnected the air lines should be confiscated in favor of the state.
The Prosecutor's Office of the Vologda region explained the sentencing, which does not correspond to the punishment prescribed in the Criminal Code of the Russian Federation, as follows: "The court, taking into account the position of the state prosecutor, data characterizing the identity of the defendant." Exactly what data describing the identity of the hacker who left tens of thousands of Russians without electricity helped mitigate his sentence remained unknown at the time of the material's release.
An employee of "Rosseti" managed to turn off electricity in 38 settlements of the Vologda region without help, alone, using a personal laptop. The actions of the hacker, who in real life was a 48-year-old engineer of the first category at the time of the crime, led to very serious consequences, because he left not only ordinary residents without electricity. The engineer disrupted the work of several electric power companies.
The attacker managed to pull off the plan with the help of specialized software installed on his personal laptop. He remotely connected to his office computer, after which he got access to the overhead line controllers in Babayevsky, Ustyuzhensky and Sheksninsky municipalities, opened their configuration files and changed the parameters saved in them.
The next step of the almost 50-year-old hacker turned off the overhead lines and artificially caused the controllers to reboot. As a result, other specialists of Rosseti lost the ability to remotely activate air lines disabled by a cybercriminal. This made it difficult to restore the power grid and slowed down the resumption of electricity supply to consumers.
I couldn't hide
The engineer committed his crime on February 18, 2023. According to Tadviser, at that time he worked in PJSC Rosseti North-West. Currently, as indicated on the website of the Prosecutor's Office of the Vologda region, he is a former employee of this organization. How exactly it turned out to establish the identity of the hacker, at the time of the release of the material was not known, but he still could not avoid punishment for what he had done.
A criminal case was initiated against the engineer of the first category under Article 274.1 of the Criminal Code of the Russian Federation (unlawful influence on the critical information infrastructure of Russia (CII)). In this case, he attacked one of the CII objects, which include critical networks and information systems of CII subjects.
CII subjects are government organizations, legal entities, and individual entrepreneurs that own information systems from a number of strategically important industries: transport, telecommunications, banking, nuclear energy, fuel and energy, healthcare, science, metallurgy, defense, rocket and space, and chemical industries. In other words, Rosseti is the subject of the CII, and the electric networks entrusted to the company are the object of the CII.
Instead of a real term, use a conditional one
An employee of "Rosseti", received a sentence that does not correspond to what is prescribed in the current Russian Criminal Code. He managed to avoid a multi-year prison sentence.
The engineer's act was classified as a violation of Part 4 of Article 274.1 of the Criminal Code of the Russian Federation, that is, as unlawful influence on the cue, "committed by a group of persons by prior agreement or an organized group, or by a person using his official position." Such a crime is punishable by imprisonment for a term of three to eight years, with or without the right to hold certain positions or engage in certain activities for a term of up to three years. In other words, the hacker was waiting for prison, but he managed to get off with a suspended sentence.
According to the verdict of the Kirillovsky District Court of the Vologda Region issued at the end of April 2024, the engineer was found guilty under Part 4 of Article 274.1 of the Criminal Code of the Russian Federation. He was sentenced to two years of probation with a suspended sentence of one and a half years. In addition, at the request of the state prosecutor, the laptop from which the hacker disconnected the air lines should be confiscated in favor of the state.
The Prosecutor's Office of the Vologda region explained the sentencing, which does not correspond to the punishment prescribed in the Criminal Code of the Russian Federation, as follows: "The court, taking into account the position of the state prosecutor, data characterizing the identity of the defendant." Exactly what data describing the identity of the hacker who left tens of thousands of Russians without electricity helped mitigate his sentence remained unknown at the time of the material's release.
