Two Russian nationals indicted for cyber hacking on behalf of Russian government

SAN FRANCISCO, Calif. - A federal grand jury filed an indictment Thursday against two Russian nationalists in an ongoing investigation regarding sophisticated hacking incidents here in the U.S., as well as abroad. 

Multiple federal agencies, including the State department, the F.B.I. and the Department of Defense have been involved in investigating those responsible for malicious cyber-enabled activities. 

On the 13th floor of the Phillip Burton Federal Building in San Francisco, a large poster was placed on an easel, showing pictures and names of the two charged with conspiracy. 

U.S. Attorney Ismail Ramsey spoke to the media about the case. He identified the two men in the indictment, saying "Andrey Stanislavovich Korinets procured infrastructure and support of Callisto group activities and Ruslan Alksandrovich Peretyatko, an officer in F.S.B.’s Center 18 Center for Information Security." 

The two are reported by the FBI as being part of a larger hacker group, "Callisto" reportedly connected to Russia’s Federal Security Service, the equivalent to the U.S. Federal Bureau of Investigations here in the U.S. 

Robert Tripp, is special agent in charge of the FBI’s San Francisco field office. Agent Tripp gave details about the six-year investigation that is still ongoing. 

He shared, "From approximately October 2016 to October 2022, the Callisto group targeted individuals that were privy to sensitive national security information. 

In the US, victims include current and former employees of the departments of defense, the department of energy as well as private sector defense contractors, and the Department of State."  

The attacks were designed to obtain unauthorized access to accounts and information for the benefit of the Russian government. 

US Attorney Ismail Ramsey and FBI Northern California district Special Agent in Charge Robert Tripp (right) (Alice Wertz)

The ‘Callisto’ hackers use what’s known as ‘spearfishing.’ 

It’s a tricky practice hackers use to get unauthorized access to confidential information. 

It’s used to effectively trick a user into unknowingly providing access to a network by sending emails appearing to be from a trusted sender. The user is usually redirected to a fake website that looks legitimate, where they enter passwords or unknowingly allow access to networks. 

In the indictment, the Grand Jury charges the two Russians with engaging in a sophisticated global "spear phishing’ campaign to target and gain unauthorized access to national secrets regarding energy, technology, and research for the benefit of the Russian government. 

Defense contractors and non-governmental organizations have also been targeted by the group. 

Additionally, the targets of the hacker group included U.K. political figures, think tank researchers, staff, and journalists.

Wanted for cyber hacking and spear phishing against the US and other countries (Alice Wertz)

Information from those hacked accounts were later leaked to the press in both Russia and the U.K. in advance of U.K. elections in 2019. 

The case was filed in the Northern District of California. Northern California has a large presence of technology companies and energy firms. The Silicon Valley and San Francisco region are dense with valuable technology and intellectual property. 

The F.B.I Special Agent Tripp said he believes these two hackers are currently in Russia. 

The U.S. State Department is offering up to a $10 million dollar reward for information about these two Russian nationals, their affiliates or anyone related to this global cyber hacking network. 

Alice Wertz is a freelance reporter for KTVU Fox 2 News. She can be reached at Alice.Wertz@Fox.com