The Department of Justice (DOJ) announced Tuesday a Russian national has been charged and sanctioned for allegedly using three ransomware variants to conduct cyberattacks on critical U.S. infrastructure.

According to the DOJ news release, Russian national and resident Mikhail Pavlovich Matveev was charged with conspiring to transmit ransom demands, conspiring to damage protected computers, and intentionally damaging protected computers.

According to one unsealed indictment obtained in the District of New Jersey, Matveev allegedly participated in conspiracies using variants known as LockBit, Babuk, and Hive, using each platform to transmit ransom demands. He, along with others, reportedly used the ransomware to attack thousands of victims in the U.S. and across the world, specifically targeting victims who work in “law enforcement, government agencies, hospitals, and schools.”

Between June 2020 to May 2022, the group conducted ransomware attacks on a law enforcement agency and a nonprofit behavioral healthcare organization in New Jersey, according to court documents. They made as much as $400 million in their ransom campaigns, while total victim ransom payments could amount to as much as $200 million.

According to another unsealed indictment, obtained in the District of Columbia, Matveev also allegedly participated in conspiracies to deploy Babuk and to transmit a ransom demand. They gave an example of an April 2021 incident where ransomware was used against the Metropolitan Police Department (MPD), and the group threatened to disclose sensitive information to the public unless a payment was made.

The indictments come after the State Department announced earlier Tuesday a reward offer — under the Transnational Organized Crime Rewards Program (TOCRP) — of up to $10 million for information leading to the arrest and potential conviction of Matveev for transnational organized crime.

“From his home base in Russia, Matveev allegedly used multiple ransomware variants to attack critical infrastructure around the world, including hospitals, government agencies, and victims in other sectors,” said Kenneth A. Polite Jr., the DOJ’s Criminal Division assistant attorney general, in a statement. “These international crimes demand a coordinated response. We will not relent in imposing consequences on the most egregious actors in the cybercrime ecosystem.”

If convicted on all charges, Matveev faces more than 20 years in prison.

Source: https://thehill.com/policy/cybersecurity/4006726-russian-national-charged-in-cyberattacks-on-critical-us-infrastructure/