Hackers Send Putin a Birthday Present

13027365063?profile=RESIZE_400xSome television stations and websites in Russia are offline for the second day in a row following what Moscow called an “unprecedented” attack on its digital infrastructure.  The disruption began on October 7, Russian President Vladimir Putin’s birthday.  Last week, Russian state-owned broadcaster VGTRK’s website and digital streaming services went off the air.  The affected outlets included radio stations and TV channels such as Russia-1 and Russia-24.  “Our state media holding, one of the largest, has faced an unprecedented hacker attack on its digital infrastructure,” Kremlin spokesperson Dmitry Peskov said in a statement about the attack.[1]

VGTRK told Russian media that it had been attacked and was working around the clock to get services back online.  “On the night of October 7, online services of VGTRK were subjected to an unprecedented hacker attack,” it said in a statement.  “Specialists are working to find out all the circumstances, to understand where the traces left behind by those who organized this hacker attack on the critical infrastructure object lead.”

For over a week, the websites for VGTRK were still unresponsive.  State and local government-affiliated websites in Russia are also down.  The Telegram channel for the court in the Vladimir region announced its websites were down for technical reasons.  Courts in the city of Ufa postponed hearings. And courts in the Pskov region also announced they were delayed for technical reasons.

A group of hackers calling itself the BO Team celebrated the hack on Telegram.  “Happy Birthday dickhead,” BO Team posted, followed by four smiling poop emojis. A report in the Russian press didn’t name BO Team but, citing Russian intelligence sources, said that a group of hackers supported by the Ukrainian government was behind the attack.  Kyiv has not claimed responsibility for the attack.

Russia’s invasion of Ukraine was marked by an increase in cyber war on both sides.  In 2015, Russia attacked Ukraine’s power grid with a Trojan virus called BlackEnergy. It tried something similar on Christmas the following year.  Ukrainian-linked hackers have hit Russian TV stations multiple times with cyberattacks.  On September 5 of this year, the US government indicted five Russian GRU officers and one civilian, charging them with conspiring to hack the Ukrainian government.

Picking Putin’s birthday to launch the attack is no coincidence.  For decades, aspirants and detractors have used the Russian President’s birthday to get his attention and send a message.  Putin’s perceived enemies tend to go missing or die around 7 October.  In 2006, famed Russian journalist Anna Politkovsk was assassinated in the elevator of her apartment.  She’d been a fierce critic of Putin.

This article is shared at no charge for educational and informational purposes only.

Red Sky Alliance is a Cyber Threat Analysis and Intelligence Service organization.  We provide indicators of compromise information via a notification service (RedXray) or an analysis service (CTAC).  For questions, comments or assistance, please contact the office directly at 1-844-492-7225, or feedback@redskyalliance.com    

Weekly Cyber Intelligence Briefings:

Weekly Cyber Intelligence Briefings:

REDSHORTS - Weekly Cyber Intelligence Briefings

https://register.gotowebinar.com/register/5378972949933166424

[1] https://gizmodo.com/russian-tv-stations-down-after-hackers-send-putin-a-birthday-present-2000509136

E-mail me when people leave their comments –

You need to be a member of Red Sky Alliance to add comments!