Under Siege: Ukrainian Cyber Warriors Erase Vital Russian Military Data Center

 


On April 8 of this year, sources in the Security Service of Ukraine (SBU) told the Kyiv Independent that Ukrainian hackers, possibly linked to the SBU, destroyed a data centre used by Russian military, energy, and telecommunications companies. In a recent attack, Ukrainian hackers connected to the SSU cyber department destroyed a data centre belonging to a Russian industrial giant.

The companies using the data centre included Gazprom, Lukoil, Telecom and some of the leading military companies in the country. Sources have stated that more than 10,000 entities involved in the Russian military industry stored their data in the OwenCloud.ru cloud services, which the hackers targeted.

These companies reportedly include Ural Works of Civil Aviation, Rubin, Ural Plant Spectechniks, Gazprom, Transgaz, Lukoil, Rosneft, Nornickel, Rostelecom, and MegaFon, spanning the oil and gas industry, the metallurgical and aerospace industries, and major telecommunications giants.

A source stated that over 300 TB of data were taken out of circulation on 400 virtual and 42 physical servers. This operation involved the Ukrainian hacking group BLACKJACK and the cyber division of the Ukrainian Security Service. In addition to internal documents and backups, these servers had software used to manage production processes remotely, according to a source. 

The OwenCloud.ru website, at the time of publication, displays what is alleged to be a message left by a group called Blackjack, stating that the centre's "information technology infrastructure has been destroyed." The Ukrinform news service reports that nearly 4,500 cyberattacks on Ukraine are carried out by Russian hackers every year. Kyivstar was attacked by a powerful hacker on December 12, 2023, which caused the company to experience a technical breakdown. Communication and internet services stopped working.

It is estimated that around 16,000 Russian companies are affected by the strike, such as Lukoil, Rosneft, The Ural Works of Civil Aviation (which is part of the Roselectronika holding), Ural Special Equipment Plant, Gazprom, Transgaz, Norilsk Nickel, Rostelecom, Telecom, and Megafon. The source asserted that OwenCloud.ru hosts over 10,000 legal entities, including the military-industrial sector, oil and gas industry, metallurgical and aerospace companies, and telecommunication giants.

It was reported that the hack affected various organizations, such as companies in the oil and gas and telecommunications sectors and the country's military. In the Kyiv Independent report, there was a list of victims that included Ural Works of Civil Aviation, Rubin, Ural Plant Spectechniks, Gazprom, Transgaz, Lukoil, Rosneft, Nornickel, Rostelecom, and MegaFon, among others. 

The source of NV's report revealed on March 18 that Ukrainian hackers were able to access correspondence between Russian CEC member Nikolai Levichev and Boris Nadezhdin, a candidate in the so-called presidential election. As a result of being denied registration as a presidential candidate, Nadezhdin actively contacted representatives of the Russian Central Election Commission and resolved personal and political issues, including addressing the refusal of the Russian Central Election Commission. 

According to the hacker group, this suggests that a "fake presidential candidate" is at play. Ukrainian hackers are known for regularly stealing information about Russian websites, payment systems, and state-owned companies. Thousands of Russian organizations were accessed by Ukrainian hackers in January, and 200 gigabytes of data was obtained. 

A Russian state-owned company that builds military facilities across the entire Russian territory has also been crashed by the BLACKJACK hacker group. They have also stolen documentation for 500 military facilities maintained by the Russian Ministry of Defense. On the servers of the Russian Ministry of Defense, a DDoS attack was launched by hackers from the Defense Intelligence Department.

Russian Military Hackers Take Aim at Ukrainian Soldiers’ Battle Plans

 

On Thursday, the United States and its allies issued a warning, revealing that Russian military hackers have been actively pursuing Ukrainian soldiers' mobile devices. Their objective is to pilfer critical battlefield data, which could potentially bolster the Kremlin's efforts in the ongoing conflict in Ukraine. 

The recent advisory released by the United States and its intelligence-sharing partners, known as the "Five Eyes" alliance (comprising Australia, Canada, New Zealand, and the United Kingdom), aligns with a report issued by Ukraine's SBU security service. This report highlights the Russian hackers' concerted efforts to infiltrate the Android tablets utilized by the Ukrainian military for both strategic planning and executing combat missions. 

According to Ukraine's SBU, the malicious code employed by the Russian hackers was specifically crafted to pilfer data transmitted from soldiers' mobile devices to the Starlink satellite system, a creation of billionaire entrepreneur Elon Musk's company. It is worth noting that the press has previously reported on the pivotal role of Starlink satellites in facilitating Ukraine's battlefield communications. 

This news underscores the significance of the battle for control over sensitive military information in the realm of cyberspace, which has emerged as a prominent front in Russia's comprehensive war against Ukraine. The extent of the hacking campaign's success remains uncertain. Ukraine's SBU security service has reported successfully thwarting certain hacking attempts. 

Still, they have also acknowledged that Russian forces managed to acquire tablets on the battlefield and subsequently infected them with malicious software. This hacking campaign coincides with an ongoing Ukrainian counteroffensive, marked by a protracted and challenging struggle to repel Russian forces. 

Privately, U.S. officials have voiced apprehension over Ukraine's inability to achieve significant breakthroughs despite months of relentless combat. US officials and independent experts have reported that Russian intelligence services have been launching a barrage of cyberattacks against Ukrainian infrastructure since the commencement of Moscow's extensive invasion of Ukraine in February 2022. 

These cyberattacks have encompassed a range of tactics, including destructive hacks designed to compromise Ukrainian energy and transportation systems, among other targets. Although certain cyber incidents have compelled Ukrainian government entities and businesses to engage in recovery efforts, Kyiv's digital defenses have exhibited notable resilience throughout this period.