The US Department of the Treasury (USDT) has imposed sanctions on a Russian government-controlled research institute found to be linked to the Triton malware.
Treasury said Friday the State Research Center of the Russian Federation FGUP Central Scientific Research Institute of Chemistry and Mechanics, also known as TsNIIKhM, was behind a 2017 cyber attack against a petrochemical facility in the Middle East, using the malware.
TsNIIKhM was also found to be surveying at least 20 U.S. electric facilities for cyber vulnerabilities in 2019. The Triton malware, also called HatMan and TRISIS, targets industrial safety systems at critical infrastructure facilities.
“As a result of today’s designation, all property and interests in property of TsNIIKhM that are in or come within the possession of U.S. persons are blocked, and U.S. persons are generally prohibited from engaging in transactions with them,” the department’s statement reads. “Additionally, any entities 50 percent or more owned by one or more designated persons are also blocked.”