The U.S. Department of State’s Rewards for Justice (RFJ) program is now offering a reward for information on Russian Federal Security Service (FSB) officers Pavel Aleksandrovich Akulov, Mikhail Mikhailovich Gavrilov, and Marat Valeryevich Tyukov for their alleged involvement in computer intrusions, wire fraud, aggravated identity theft, and damage to the property of an energy facility offenses.

Today’s announcement marks the first time that RFJ has named any foreign government security personnel under its critical infrastructure reward offer.

RFJ, which is administered by the Diplomatic Security Service, is offering a reward of up to $10 million for information leading to the identification or location of Akulov, Gavrilov, Tyukov, or any other person who, while acting at the direction or under the control of a foreign government, aids or abets a violation of the Computer Fraud and Abuse Act, which may include participation in malicious cyber activities against U.S. critical infrastructure.

These officers were members of an FSB component known as Center 16 and worked at a specific operational group known as Military Unit 71330, known by cybersecurity researchers as “Dragonfly,” “Energetic Bear,” and “Crouching Yeti.”

These FSB officers conspired to commit computer intrusions, including “supply chain attacks,” in furtherance of the Russian government’s efforts to maintain surreptitious, unauthorized, and persistent access to the computer networks of companies and other entities in the international energy sector, including oil and gas firms, nuclear power plants, and other utility and electrical grid companies.  Specifically, the conspirators targeted the software and hardware that controls equipment in power generation facilities, known as industrial control systems or supervisory control and data acquisition systems.  Access to such systems would have provided the Russian government the ability to, among other things, disrupt and damage such computer systems at a future date of its choosing..

In total, the defendants and the co-conspirators targeted more than 500 U.S. and foreign energy-sector companies in 135 other countries.  In just one phase of their hacking campaign, the conspirators installed malware on more than 17,000 unique devices worldwide.

More information about this reward offer is located on the Rewards for Justice website at https://rewardsforjustice.net/english/malicious_cyber_activity.html . We encourage anyone with information on the malicious cyberactivity of Pavel Aleksandrovich Akulov, Mikhail Mikhailovich Gavrilov, and Marat Valeryevich Tyukov to contact Rewards for Justice via the Tor-based tips-reporting channel at: he5dybnt7sr6cm32xt77pazmtm65flqy6irivtflruqfc5ep7eiodiad.onion (Tor browser required).

Since its inception in 1984, the program has paid in excess of $200 million to more than 100 people across the globe who provided actionable information that helped prevent terrorism, bring terrorist leaders to justice, and resolve threats to U.S. national security. Follow us on Twitter at https://twitter.com/RFJ_USA .

U.S. Department of State

The Lessons of 1989: Freedom and Our Future