Yesterday, the government rolled out two hacking indictments from last year as part of its effort to use legal documents to expose Russian spying operations. While the indictments are important speaking documents, I realized from the response that the subset of journalists who focus primarily on cybersecurity were unaware that this effort was part of a larger effort to demonstrate Russia’s spying that DOJ (and, surely, other agencies of the IC) have been pursuing since the Russian invasion.
So I wanted to start collecting all instances here as a way to see the entire package of what DOJ is doing. I’ll try to keep this up-to-date.
February 22, 2022: Treasury sanctions Russian banks
Individual targets include Denis Aleksandrovich Bortnikov, Petr Mikhailovich Fradkov, Vladimir Sergeevich Kiriyenko.
February 24, 2022: Treasury sanctions Russian banks
Targets include Sberbank, VTB, Gazprom, Rostelecom, Alfa Bank, Sergei Sergeevich Ivanov, Andrey Patrushev, Ivan Sechin (the latter sons of key oligarchs).
February 25, 2022: Treasury sanctions Putin and Sergei Lavrov
February 28, 2022: Treasury sanctions Kirill Dmitriev
Targets include Dmitriev and RDIF.
US expels 12 Russian diplomats at UN.
March 3, 2022: Treasury sanctions key Putin cronies
Targets include Alisher Burhanovich Usmanov, Nikolay Petrovich Tokarev, Yevgeniy Prigozhin and their families.
March 3, 2022: US v. Jack Hanick
November 4, 2021 sealed indictment against a former Fox employee who helped sanctioned oligarch Konstantin Malofeyev set up some media outlets to push Russian propaganda. Hanick was arrested in the UK on February 3, 2022 and is being extradited. (press release; my post)
March 7, 2022: US v. Elena Branson
March 11, 2022: Treasury sanctions Oligarchs
Targets include Dmitri Peskov and his family, Viktor Feliksovich Vekselberg, and the VTB board.
March 14, 2022: US v. Andrey Muraviev
September 17, 2020 indictment against the funder for Lev Parnas’ cannabis donations, Andrey Murviev. The S2 indictment is otherwise identical to the S1 indictment obtained the same day, though with Muraviev identified. (press release; my post)
March 17, 2022: Treasury creates task force to target Oligarchs
March 18, 2022: Baltic states expel diplomats
Baltic states expel 10 diplomats.
March 24, 2021: Treasury sanctions targeting industrial base
Sanctions targeting military industrial complex, Duma members, Herman Oskarovich Gref.
March 24, 2022: US v. Evgeny Viktorovich Gladkikh
June 29, 2021 indictment against Evgeny Gladkikh for Triton hacking operations targeting refineries and other energy facilities
March 24, 2022: US v. Pavel Aleksandrovich Akulov
August 26, 2021 indictment against three FSB officers working as part of the Dragonfly or Berzerk Bear hacking group for targeting ICS systems.
March 29, 2022: Europeans expel diplomats
Ireland expels 4 “diplomats.”
March 31, 2022: Treasury focuses on sanctions-evasion network
Treasury adds sanctions against companies used to evade sanctions, four key Russian tech companies, and the head of the organization for which Gladkikh works, TsNIIKhM’s General Director, Sergei Alekseevich Bobkov and itsDeputy General Director, Konstantin Vasilyevich Malevanyy.
April 4, 2022: FBI and Spanish authorities freeze Viktor Vekselberg’s yacht, Tango
FBI and Spanish authorities freeze Viktor Vekselberg’s yacht, Tango, for sanction violations and money laundering efforts to evade those sanctions.
Also Germany expels 40 “diplomats” and France expels 35.
April 5: Dmitry Pavlov and Hydra Market
DOJ charged Dmitry Pavlov and, with German assistance, shut down the Hydra Market to which he leased a server.
April 6: Semion Meogilevich, Konstantin Malofeyev, additional sanctions on Sberbank, Alfa Bank, and Putin, Medvedev, and Lavrov’s families, Cyclops Blink
Department of State offers a $5 million reward for information leading to Semion Mogilevich’s arrest.
DOJ charged Konstantin Malofeyev under the mirror charges to those against Jack Hanick.
The White House added sanctions to Sberbank and Alfa Bank, added new restrictions on US investments in Russia, and added family members of Putin, Medvedev, and Lavrov’s families.
DOJ rolled out the shut-down, in March, of the Cyclops Blink botnet run by Sandworm.
April 14: Aleksandr Mikhaylovich Babakov
April 20: Malofeyev’s network
Treasury sanctions Malofeyev’s family, sanctions-evasion, and influence networks
April 26: Sandworm
State offers a $10 million reward for six hackers involved in the Sandworm NotPetya attack.
May 5: Pursuant to a US warrant, Fiji seizes Oligarch Suleiman Kerimov’s yacht
Fiji seized the $300 million yacht pursuant to a US based warrant.
September 30: Treasury sanctions a ton of Duma and Federation members
These sanctions were prepared as a response to Russia’s claim to have annexed additional parts of Ukraine.