Ukrainian hackers breach Rosvodokanal, seize data of Russia's largest private water utility
Ukrainian hackers, reportedly with support from the Security Service (SSU), sought revenge for the recent cyberattack on Kyivstar and destroyed the IT infrastructure of the Russian major private water-supply company Rosvodokanal, according to RBC-Ukraine's own sources.
A powerful cyber operation was conducted by hackers affiliated with the BLACKJACK group, purportedly with support from SSU specialists.
The news agency's sources also indicate that the revenge for Kyivstar has begun.
During the cyberattack, the hackers managed to:
- Gain access to a large number of documents
- Encrypt over 6,000 computers
- Delete over 50 terabytes (TB) of data, including internal document circulation, corporate mail, cybersecurity services, backups, etc.
Following such an attack, the operations of Rosvodokanal were disrupted.
The RBC-Ukraine's sources also note that SSU experts are already analyzing 1.5 TB of downloaded data from Rosvodokanal.
Rosvodokanal is the largest private Russian company (part of the Alfa Group, headquartered in Moscow), It provides water supply to 7 million consumers.
Not the first similar cyber operation
At the end of November, RBC-Ukraine reported, citing sources, about the hacking by Ukrainian hackers affiliated with the BLACKJACK group, with the assistance of the SSU, into the website of the Russian Ministry of Labor and Social Protection. A large amount of secret information was downloaded from there.
The acquired information pertains to the temporarily occupied regions in the Kharkiv and Zaporizhzhia regions, as well as their "leadership."
Cyberattack on Ukrainian mobole operator Kyivstar
A major disruption in the operations of the telecommunications company Kyivstar occurred on December 12, according to official data, caused by hackers associated with Russia. This led to an investigation under eight articles.
During the outage, subscribers complained about the lack of communication, issues with the operator's website, and the mobile application, and internet services were unavailable.
According to UK intelligence, the cyberattack on the mobile operator could have been the most significant maneuver by hackers since Russia's full-scale invasion of Ukraine.