There are numerous ways to fight a war. Cyber-attacks have been a growing concern during recent conflicts. Russian hackers are among the best in the world, and they just carried out a cyber attack on Ukraine’s most prominent private energy conglomerate.
The victim of the attack was the DTEK Group, which owns coal and thermal power plants across all of Ukraine. Corporate representatives state that the hacker’s goal was to “destabilize the technological processes of its distribution and generation firms, spread propaganda about the company’s operations, and to leave Ukrainian consumers without electricity.” That’s the bottom line; they wanted to leave the Ukrainian people in the dark. Cyber warfare is also a significant psychological component, knowing that your enemy can significantly affect major parts of your daily life.
In an interview with CNN, DTEK spokesperson Antonina Antosha informed them, “The cyber attacks didn’t have any negative effect on DTEK’s operations so far.” I must admit the “so far” part of that comment gave me a little cause for concern. However, Antosha said, “All systems operate in a regular mode.” Cool, so far, so good.
The hacking attempt was revealed days after Rinat Akhmetov, the wealthiest man in Ukraine (and the owner of DTEK), sued Russia in the European Court of Human Rights for allegedly costing him billions of dollars in property rights damages. Apparently, he believes that “if you broke it, you bought it.” So the cyber activity could very well be a form of retaliation for the lawsuit.
A group of Russian hackers calling themselves, XakNet, is claiming responsibility online for the attack. They claim to have hacked the energy giant’s networks and have reportedly shown screenshots online with the proof. The group in its current form surfaced in March of this year, quickly prompting an alert from the Cybersecurity & Infrastructure Security Agency after they claimed to be targeting Ukrainian officials supporting Russia’s war effort.
— Treadstone 71 (@Treadstone71LLC) July 3, 2022
An interview with the hackers. Link courtesy of Twitter and @Treadstone71LLC
XakNet is reported to have access to data belonging to an organization hacked by a Russian cyber espionage group. This suggests a possible connection between them and the Russian government, according to Alden Wahlstrom, a senior analyst at US cybersecurity firm Mandiant. For its part, XakNet maintains that they are independent of the Russian government and acting on its own.
The hacking incident occurred while the Russians were shelling the DTEK-owned thermal power plant in Kryvi Rih, located in central Ukraine. Is it pure coincidence that this happened shortly after the company’s owner sued the Russians in an international court for billions of dollars? Possible, but I doubt it.
Microsoft investigated these events and noted that cyber-attacks are sometimes used together with physical military attacks for a “one-two” punch on targets. For example, on March 1st of this year, a cyber attack crippled a giant TV tower in Kyiv at the same time it was being pummeled by Russian artillery.
In reality, Russian cyber attacks on Ukrainian electric utilities have been relatively commonplace since they annexed Crimea in 2014. Russian military intelligence services have been blamed for most attacks in 2015 and 2016 that left significant chunks of Ukraine in the dark.
Spouting the company line, DTEK announced Friday, “The company makes every effort to ensure the stable operation of Ukraine’s energy system during the war and to ensure uninterrupted power supply to Ukrainian consumers.”