The United States has designated two members of the Russian hacktivist group Cyber Army of Russia Reborn (CARR) for their involvement in cyber operations targeting U.S. critical infrastructure entities.
Since 2022, CARR has engaged in malicious cyber activities against Ukraine and governments supporting Ukraine. In late 2023, the group escalated its operations, claiming responsibility for compromising the industrial control systems of multiple U.S. and European critical infrastructure targets. CARR has since been linked to various malicious cyber activities affecting water supply, hydroelectric, wastewater, and energy facilities in both the United States and Europe.
Russia continues to provide a safe haven for cybercriminals and enable their malicious activities against the United States and its allies. While CARR’s lack of sophistication and victims’ responses have so far prevented major damage, unauthorized access to critical infrastructure systems poses an elevated risk of harm to the public and can result in severe humanitarian consequences.
"Today’s action furthers our efforts to combat foreign malicious cyber activity and sends a clear message that this activity will not be tolerated," stated a U.S. official. "We will continue to disrupt cybercriminals who seek to undermine our critical infrastructure and that of our partners."
The targets identified today include the group's leader and primary hacker. The Department of the Treasury is taking these actions pursuant to Executive Order 13694, as amended. For more information on this designation, see Treasury’s press release.
