In a decisive move on December 9, 2025, the U.S. Justice Department announced fresh criminal charges against a Ukrainian national, accusing her of involvement in cyberattacks aligned with Russian interests attacks that disrupted essential infrastructure, including water and food services. The defendant stands charged under a second indictment in a Los Angeles federal court, based on her alleged collaboration with a group identified as NoName057(16). The same individual previously faced charges tied to a separate group under indictment.
Overview of the Allegations
According to the federal indictment, the suspect supported hacking operations by NoName057(16), a group prosecutors link to Russia-backed cyber operations. Authorities previously extradited her on related charges connected to a group designated CyberArmyofRussia_Reborn (CARR). Prosecutors assert that both groups operate under Russian sponsorship and orchestrated attacks targeting U.S. infrastructure, including public utilities and essential services.
The indictment names multiple incidents where cyber intrusions disrupted critical services a clear demonstration of how state-linked cyber campaigns now target domestic infrastructure.
What the DOJ Charges Say
Federal prosecutors allege that the defendant facilitated unauthorized intrusions into protected computer systems, orchestrated network disruptions, and undermined service availability to vital sectors like water supply and food distribution. The second indictment follows earlier charges tied to CARR, underlining a pattern of alleged involvement in sustained malicious activity.
In their announcement, U.S. officials emphasized this action as a significant step toward holding Russia-linked actors accountable, whether they operate directly as state agents or through criminal proxies.
Why This Case Matters
This case marks more than another cybercrime prosecution — it underlines a growing trend: state-backed cyberattacks targeting civil infrastructure and everyday services. Experts view it as part of a broader Russian strategy that combines geopolitical aims with disruptive cyber tactics.
By charging individuals tied to such networks, the DOJ signals that infrastructure attacks once largely the domain of espionage — now fall under criminal law, potentially deterring future attempts and disrupting active operations.
Broader Context: Historical Precedent & Rising Threats
Russia’s history of cyber offensives includes large-scale attacks on foreign states, data theft campaigns, and sabotage efforts against critical infrastructure. This latest indictment reflects how those tactics have evolved into a direct threat to U.S. civil services.
Recent U.S. indictments — including this one — and actions by cybersecurity agencies show increased vigilance. The federal government has ramped up cooperation with private-sector partners to monitor, attribute, and disrupt malicious Russian cyber networks globally.
Implications for U.S. Cyber Defense and Infrastructure Resilience
Officials and private-sector defenders alike should treat this case as a wake-up call. Entities operating water, food distribution, and other essential services must review access controls, patch legacy systems, enforce multi-factor authentication, and monitor network traffic for suspicious behavior. Threat-intelligence feeds listing NoName, CARR, or related IOCs should be integrated into SIEM and intrusion-detection systems. This development also underscores the importance of cross-agency coordination and public-private collaboration in responding to modern cyber threats.
FAQs
Q: Who did the DOJ indict?
A: The indictment names a 33-year-old Ukrainian national accused of collaborating with the Russia-linked cyber groups NoName057(16) and CARR. She previously faced charges under the first indictment and now stands accused under a second one for further infrastructure-targeting cyberattacks.
Q: What kind of infrastructure was targeted?
A: According to prosecutors, the attacks focused on critical infrastructure, including water supply and food distribution systems, posing grave national-security and public-safety risks.
Q: Are these groups official Russian state actors or criminal proxies?
A: Prosecutors allege both NoName057(16) and CARR operate with Russian support though the exact nature of that support (direct state operation vs. proxy criminal network) remains under investigation.
Q: What does this case signal for future cyber defense?
A: The case highlights a renewed emphasis on criminal prosecution of infrastructure-targeting cyberattacks, signaling that nation-state linked cyber threats will face legal consequences. It underlines the need for strengthened defensive measures in critical sectors and active threat-intelligence collaboration.
One thought on “Critical Infrastructure Under Attack: Russia-Backed Cybercrime”