Category | Details |
---|---|
Threat Actors | Yellow Drift (pro-Ukraine hacker group), Ukrainian Cyber Alliance, Cyber Anarchy Squad. |
Campaign Overview | Cyberattacks targeting Roseltorg, Rosreestr, Nodex, and Infobis, leading to data deletion and infrastructure damage. |
Target Regions (Victims) | Russia (government agencies, state-owned companies, private corporations like Lukoil and Rostelecom). |
Methodology | External intrusion, data deletion, exfiltration, and infrastructure destruction. |
Product Targeted | Roseltorg platform for state procurement; systems at Nodex, Rosreestr, and Infobis. |
Malware Reference | Not specified in the report. |
Tools Used | Not explicitly mentioned; likely custom attack tools for data deletion and exfiltration. |
Vulnerabilities Exploited | Potentially misconfigured systems and a lack of robust defenses for critical infrastructure. |
TTPs | Data exfiltration, wiping/deletion of files, targeting critical state systems, and disruption of operational workflows. |
Attribution | Pro-Ukraine hacker groups, explicitly anti-Russian and politically motivated. |
Recommendations | Strengthen cybersecurity defenses, ensure robust backups, deploy intrusion detection systems, and establish contingency plans for service restoration. |
Source | The Record |
Read full article: https://therecord.media/russian-platform-for-state-procurement-hit-cyberattack
The above summary has been generated by an AI language model.