| Category | Details |
|---|---|
| Threat Actors | Yellow Drift (pro-Ukraine hacker group), Ukrainian Cyber Alliance, Cyber Anarchy Squad. |
| Campaign Overview | Cyberattacks targeting Roseltorg, Rosreestr, Nodex, and Infobis, leading to data deletion and infrastructure damage. |
| Target Regions (Victims) | Russia (government agencies, state-owned companies, private corporations like Lukoil and Rostelecom). |
| Methodology | External intrusion, data deletion, exfiltration, and infrastructure destruction. |
| Product Targeted | Roseltorg platform for state procurement; systems at Nodex, Rosreestr, and Infobis. |
| Malware Reference | Not specified in the report. |
| Tools Used | Not explicitly mentioned; likely custom attack tools for data deletion and exfiltration. |
| Vulnerabilities Exploited | Potentially misconfigured systems and a lack of robust defenses for critical infrastructure. |
| TTPs | Data exfiltration, wiping/deletion of files, targeting critical state systems, and disruption of operational workflows. |
| Attribution | Pro-Ukraine hacker groups, explicitly anti-Russian and politically motivated. |
| Recommendations | Strengthen cybersecurity defenses, ensure robust backups, deploy intrusion detection systems, and establish contingency plans for service restoration. |
| Source | The Record |

Read full article: https://therecord.media/russian-platform-for-state-procurement-hit-cyberattack

The above summary has been generated by an AI language model.