US sanctions Russian CHEMICAL research institute, saying it’s ‘connected’ to Triton computer malware used in foreign cyber attacks

23 Oct, 2020 23:42 / Updated 4 years ago

A Moscow research institute involved in developing high-tech S-300 air defense missiles has been blacklisted by the US Treasury Department over alleged “connections” to malware used “against US partners in the Middle East.”

The Central Scientific Institute of Chemistry and Mechanics (TsNIIKhM, or ЦНИИХМ) is “connected to the destructive Triton malware,” Treasury Secretary Steven Mnuchin declared on Friday, accusing it of “building customized tools that enabled” the cyber-attack on “a petrochemical facility in the Middle East” that allegedly took place in August 2017.

No evidence was offered for this claim, nor the one that in “2019, the attackers behind the Triton malware were also reported to be scanning and probing at least 20 electric utilities in the United States for vulnerabilities.”

The alleged malware attack targeted industrial control systems at the facility and “had the capability to cause significant physical damage and loss of life,” the Treasury said in the announcement. 

There have been media reports of a cyber-attack on a petrochemical facility in Saudi Arabia in August 2017, but its name or ownership have never been revealed. A March 2018 New York Times story said that “Iran, China, Russia, the United States and Israel had the technical sophistication to launch such attacks,” and speculated that Iran was behind it, arguing that none of the others had the motive to do so.

Also on rt.com US expands sanctions against Russia’s Nord Stream 2 gas pipeline

The sanctioned institute dates back to a gunpowder research lab founded in 1894, and is the leading scientific organization in Russia “in the interests of defense and security of the state,” according to the Association of State Scientific Centers, an umbrella group for 48 Russian government-funded research facilities.

As a result of the sanctions, any property of the institute in possession of US persons is blocked and Americans are prohibited from any transactions with it. The designation also opens non-Americans to sanctions if they do business with the institute.

The sanctions were imposed under the Countering America’s Adversaries Through Sanctions Act (CAATSA), a law approved with veto-proof majorities in both the House and the Senate in July 2017 – at the height of the ‘Russiagate’ hysteria. 

Think your friends would be interested? Share this story!