The British authorities have added the Russian Central Research Institute of Chemistry and Mechanics (FSUE “TsNIIHM”) to the sanctions list. This is stated in a statement on the website of the British Foreign Ministry.
The incident itself, in which the UK suspects TsNIIHM, occurred in 2017. Then a group of IT specialists allegedly launched malicious programs, thanks to which access was gained to a petrochemical plant in Saudi Arabia.
“The FSB Center 16, also known by the names of the hacker groups Energetic Bear, Berserk Bear and Crouching Yeti, almost certainly engaged in malicious cyber activity, affecting the work of critical IT systems and national infrastructure facilities in Europe, the Americas and Asia,” the British Foreign Ministry said.
According to the British version, the Research Institute deliberately developed “malware” designed to bypass security in the enterprise’s production management system, which led to two emergency plant shutdowns. According to the report, the malware “was created to provide attackers with full control over infected systems and could ensure the organization of the release of toxic gas or explosion, which would lead to the death of people and damage to the facility.”