A source familiar with the intelligence told Fox News that 21 American companies, including Chevron Corporation and Cheniere Energy, were targeted two weeks before Russia launched its multi-front war on Ukraine.
The U.S. Cybersecurity and Infrastructure Security Agency is working to confirm that the attacks emanated from Russia, but the source told Fox News it is believed that this hack marked the first stage of Russia’s effort to destabilize the U.S. energy industry.
The source told Fox News that the computers belonging to current and former employees were hacked during the attack.
"Chevron takes the threat of malicious cyber activity seriously," A Chevron spokesperson told Fox News. "We have implemented the United States government's recommendations into our cybersecurity safeguards to protect Chevron's computing environment."
Cheniere did not immediately respond to Fox News' request for comment.
President Biden on Tuesday announced a ban on all imports of Russian oil, gas and energy to the United States, targeting the "main artery" of Russia's economy amid Russian President Vladimir Putin's war on Ukraine. Russia is the third-largest producer of oil in the world.
The U.S. intelligence community in January assessed that Russia would remain a "top cyber threat" in 2022 as it refines and employs its espionage, influence and attack capabilities.
"We assess that Russia views cyber disruptions as a foreign policy lever to shape other countries’ decisions, as well as a deterrence and military tool," states the intelligence community's annual threat assessment report, released Tuesday.
The intelligence community found that Russia is particularly focused on improving its ability "to target critical infrastructure, including underwater cables and industrial control systems" in the United States, as well as in U.S. allied and partner countries. The IC found that Russia’s successful compromise of that infrastructure would demonstrate Russia’s "ability to damage infrastructure during a crisis."
The IC, at the time, said Russia is also using cyber operations to "attack entities it sees as working to undermine its interests or threaten the stability of the Russian Government."
This week, New York state said it is facing "increased risk" of cyberattacks from Russian retaliators, with NYPD officials warning that New York City is on "ultra-high alert."
In mid-February, Russia was suspected of launching cyberattacks that brought down websites belonging to Ukraine’s Ministry of Defense, army and popular banks, a move officials, at the time, called the "largest" of its kind in the history of Ukraine. The Kremlin denied Russian involvement.
Just a week later, on Feb. 24 Russia launched its multi-front war against Ukraine.
Meanwhile, a government source told Fox News that CISA and the FBI are working with an unnamed American pharmaceutical company whose top executives have been targeted by Russian intelligence operatives in ongoing "malicious phishing attacks."
The U.S. government has attributed these cyberattacks to a Federal Security Service training site in Nizhniy Novgorod.
Fox News has learned that those attacks began last week.
Last month, the Department of Homeland Security warned U.S. organizations at all levels that they could face cyberthreats stemming from the Russia-Ukraine conflict.
The Biden administration has worked to strengthen cyber defenses after a string of ransomware attacks last summer, with foreign malign actors targeting pieces of U.S. critical infrastructure.
In June 2021, a ransomware assault shut down the U.S.-based meat plants of the world’s largest meatpacker, Brazil-based JBS. The White House said the hack was likely carried out by a criminal group based in Russia.
The attack on JBS came just weeks after the largest U.S. fuel pipeline, the East Coast's Colonial Pipeline, was targeted by a criminal group originating in Russia.
Biden, during his summit in Geneva with Russian President Vladimir Putin in June 2021, raised the issue of ransomware. Biden, at the time, said he told Putin that "certain critical infrastructure should be off limits to attack." Biden said he gave a list of "16 specific entities defined as critical infrastructure," saying it ranged from energy to water systems.
Putin, though, during his press conference after the meeting, denied that Russia was responsible for cyberattacks and instead claimed that most cyberattacks in the world were carried out from the U.S.
Biden in July signed a national security memorandum directing his administration to develop cybersecurity performance goals for critical infrastructure in the U.S. – entities like electricity utility companies, chemical plants and nuclear reactors.
The memo also formally established Biden's Cyber Security Initiative, a voluntary collaborative effort between the federal government and critical infrastructure entities to facilitate the deployment of technology and systems that provide threat visibility indicators and detections.