Ukraine

The Main Intelligence Directorate (GUR) of Ukraine's Ministry of Defense claims that it breached the servers of the Russian Ministry of Defense (Minoborony) and stole sensitive documents.

A press release published today on an official Ukrainian government domain describes the attack as a "special operation" carried out by GUR's cyber-specialists.

As a result of the breach, the GUR claims to have obtained sensitive documents that contain secret service information, including:

  • Software used by the Russian Ministry of Defense for protecting and encrypting data
  • An array of secret service documents from the Russian Ministry of Defense, including orders, reports, directives, and various other documents, circulated among over 2000 structural units of the ministry.
  • Information that allows establishing the complete structure of the system of the Minoborony and its links.
  • Data that helped identify senior heads of structural units of the Minoborony, as well as deputies, assistants, and specialists who used software for electronic document management called "bureaucracy."
  • Documents belonging to the Russian Deputy Minister of Defense, Timur Vadimovich Ivanov.

The press release notes that the particular minister, Ivanov, had a significant role in the success of the cyber attack, though any actual details on the operation are omitted.

Four screenshots showing database query results, log files, and documents outlining official procedures/guidelines have been posted as evidence of the alleged breach.

BleepingComputer has been unable to validate the authenticity of these screenshots and has contacted the Russian Ministry of Defense for a statement, but a comment wasn't immediately available.

Previously, the GUR has claimed unconfirmed breaches into the Russian Center for Space Hydrometeorology, aka "planeta" (планета), the Russian Federal Air Transport Agency, 'Rosaviatsia,' and the Russian Federal Taxation Service (FNS).

Two of these attacks allegedly involved data backups and database destruction aimed at operational disruption. In the latest case against Moniborony, no such claims have been made by the GUR.

Related Articles:

U.S. indicts Russian GRU hacker, offers $10 million reward

Ukraine says hackers abuse SyncThing tool to steal data

Europol confirms web portal breach, says no operational data stolen

Infosys McCamish says LockBit stole data of 6 million people

Dairy giant Agropur says data breach exposed customer info