Tags: russia | cybersecurity | hackers | pipe dream | grid

Report: Russia-Linked 'Malware' Attacks Almost Took a Dozen Utilities Offline

Cybersecurity illustration (One Photo/Dreamstime.com)

Tuesday, 14 February 2023 11:41 AM EST

The CEO of a cybersecurity company warned that Russian-linked hackers "got very close" to taking down a dozen gas and electric facilities in the United States early last year, shortly after the invasion of Ukraine, Politico reported Tuesday.

"This is the closest we've ever been to having U.S. or European infrastructure, I'd say U.S. infrastructure, go offline," Robert M. Lee, founder and CEO of the cybersecurity firm Dragos, told reporters in a briefing, according to Politico. "It wasn't employed on one of its targets, they weren't ready to pull the trigger, they were getting very close."

While Lee didn't go into the specifics of the attempted cyberattacks, he said a hacking group known as "Chernovite" used malicious software to try to take down "about a dozen" U.S. electric and liquid natural gas sites, Politico's report said.

According to the report, the attacks using malware called "Pipedream" were thwarted by "a coalition of U.S. government and cyber industry groups."

The Dragos website said that the Chernovite group "has the ability to disrupt, degrade, and potentially destroy industrial environments and physical processes in industrial environments."

The Pipedream malware itself, the company's website said, is offensive and gives operators the ability to "scan for new devices, brute force passwords, sever connections, and crash the target device" using several different computer protocols.

The company's assessment of the malware is that it was developed by "a state actor," and that circumstantial evidence points to a Russia-linked group of hackers.

"While our evidence connecting Incontroller [Pipedream] to Russia is largely circumstantial, we note it given Russia's history of destructive cyberattacks, its current invasion of Ukraine, and related threats against Europe and North America," the cybersecurity company Mandiant said in an April 2022 Security Week report.

According to the report, "Incontroller/Pipedream can be used by a threat actor that has access to the targeted organization's operational technology (OT) network to look for ICS and SCADA devices and take control of these systems."

Lee said his company is working with several U.S. federal agencies to keep the threat "off of American soil."

"I don't use those words lightly, not trying to hype anything up, but the state actor responsible for this, there is no chance that this was not their go-to package to be able to actually bring down infrastructure," Lee said, according to Politico.

The U.S. Cybersecurity & Infrastructure Security Agency did not respond to Politico's request for comment on the story.

© 2025 Newsmax. All rights reserved.

