The United States is designating two members of the Russian hacktivist group Cyber Army of Russia Reborn (CARR) for their roles in cyber operations against U.S. critical infrastructure entities.
Since 2022, CARR has conducted malicious cyber activities against Ukraine and governments that support Ukraine. In late 2023, CARR escalated its operations, claiming responsibility for compromising the industrial control systems of multiple U.S. and European critical infrastructure targets. CARR has since been responsible for a slew of malicious cyber activities against water supply, hydroelectric, wastewater, and energy facilities in the United States and Europe.
Russia continues to provide a safe haven to cybercriminals and enable their malicious cyber activities against the United States and its allies and partners. While CARR's lack of sophistication and victims' responses have thus far prevented any instances of major damage, unauthorized access to critical infrastructure systems poses an elevated risk of harm to the public and can result in devastating humanitarian consequences.
Today's action furthers our efforts to combat foreign malicious cyber activity and sends a clear message that this activity will not be tolerated. We will continue to disrupt cybercriminals who seek to undermine our critical infrastructure and that of our partners.
Today's targets consist of the group's leader and primary hacker. The Department of the Treasury is taking these actions pursuant to Executive Order 13694
