Russians hack Ukraine’s largest private energy company

There are many ways to wage war. Cyberattacks have been a growing concern in recent conflicts. Russian hackers are some of the best in the world and they just carried out a cyberattack against Ukraine’s largest private energy conglomerate.

The victim of the attack was the DTEK group, which owns coal and thermal power plants throughout Ukraine. Company officials say the hacker’s goal was to “destabilize the technological processes of its distribution and production companies, spread propaganda about the company’s operations and leave Ukrainian consumers without electricity”. This is the bottom line; they wanted to leave the Ukrainian people in the dark. Cyber ​​warfare is also an important psychological component, knowing that your enemy can significantly affect entire swaths of your daily life.

A power generation facility owned and operated by DTEK in Ukraine. Image credit: DTEK

In an interview with CNN, DTEK spokeswoman Antonina Antosha informed them, “Cyberattacks have had no negative effect on DTEK’s operations so far.” I have to admit the “so far” part of that comment had me a little worried. However, says Antosha, “All systems are running in normal mode.” Cool, so far so good.

The hacking attempt came to light days after Rinat Akhmetov, Ukraine’s richest man (and owner of DTEK), sued Russia in the European Court of Human Rights for allegedly costing him billions of dollars in property rights damages. Apparently he believes that “if you broke it, you bought it.” Therefore the cyber activity could very well be a form of retaliation for the lawsuit.

A group of Russian hackers calling themselves XakNet claim responsibility for the attack online. They claim to have hacked into the energy giant’s networks and allegedly showed screenshots online with the proof. The group in its current form surfaced in March this year, prompting an early alert from the Cybersecurity & Infrastructure Security Agency after it claimed to target Ukrainian officials supporting Russia’s war effort.

An interview with hackers. Link courtesy of Twitter and @Treadstone71LLC

XakNet would have access to data belonging to an organization hacked by a Russian cyber espionage group. This suggests a possible link between them and the Russian government, according to Alden Wahlstrom, senior analyst at US cybersecurity firm Mandiant. For its part, XakNet maintains that they are independent of the Russian government and act alone.

The hacking incident occurred as the Russians bombed the thermal power plant owned by DTEK in Kryvi Rih, located in central Ukraine. Is it pure coincidence that this happened shortly after the company owner sued the Russians in an international court for billions of dollars? Possible, but I doubt it.

Microsoft has investigated these occurrences and noted that cyber attacks are sometimes used alongside physical military attacks for a “one-two” punch on targets. For example, on March 1 this year, a cyberattack crippled a giant TV tower in Kyiv even as it was shelled by Russian artillery.

In reality, Russian cyberattacks on Ukrainian power utilities have been relatively common since they annexed Crimea in 2014. Russian military intelligence was blamed for most of the attacks in 2015 and 2016 that left whole sections of Ukraine in the dark.

Unveiling the company line, DTEK announced on Friday, “The company makes every effort to ensure the stable operation of the Ukrainian energy system during the war and to ensure uninterrupted power supply to Ukrainian consumers.”

Comments are closed.