Russian government-linked hackers target U.S. critical infrastructure

Beginning in 2011, Russian government-linked hackers targeted U.S. critical infrastructure companies with malware attacks that eventually compromised several targets, according to the Department of Homeland Security (DHS). DHS, which published a warning in 2014 that the attacks had compromised “numerous industrial control systems environments,” reported that the hackers used a variant of the BlackEnergy malware, which Russian government-linked hackers previously used to target critical infrastructure in Ukraine. Analysts attributed the attacks to a group linked to Russia’s military intelligence agency (GRU). The hacking campaign reportedly affected over 1,000 organizations in over 84 countries. The goal of the attacks may have been industrial espionage; however, according to The New York Times, researchers reported that the hackers could hijack “industrial control systems from afar” if they so desired.

About This Incident

Threat Actors: Russia

Incident Metadata

Date: 2011-2014
Country: United States