On Thursday, July 17, the cyber unit of the Main Directorate of Intelligence of Ukraine (HUR) carried out a strike on the network infrastructure of the Russian gas giant Gazprom, which is involved in supporting the war against Ukraine.
According to Kyiv Post sources in the HUR, as a result of the attack, a significant amount of databases was destroyed and special software was installed, which caused serious damage to the Russian company.
Gazprom is Russia’s largest state-owned energy company, controlling the extraction, transportation, and export of natural gas. It plays a critical role in the Russian economy, providing a significant share of the state’s revenues – including funding for the ongoing war against Ukraine.
Beyond its economic impact, Gazprom is also a key geopolitical tool, with the Kremlin historically using gas supplies to exert pressure on European countries and former Soviet states.
According to a source in the HUR of the Ministry of Defense, as a result of the operation, access to Gazprom’s information system was disabled for system administrators (around 20,000 sysadmins), and software was installed on Gazprom’s servers which will subsequently destroy the data of Gazprom’s information system.
According to sources in the HUR, as a result of the cyberattack, the following were destroyed:
- Backup copies of Gazprom’s information system;
- Databases of around 390 subsidiaries and branches, including Gazprom Teplo Energo, Gazprom Obl Energo, Gazprom Energozbyt, and hundreds of other structures;
- Cluster of 1C servers (10 high-performance machines) along with all files – contracts, orders, directives, etc.;
- Data of auxiliary systems — including data protection systems, server control, administration;
- Analytical databases of pipelines, valves, sensors, pumps, as well as SCADA system servers responsible for managing technical infrastructure;
- Operating systems on available servers, and BIOS was damaged – because of this, servers do not turn on and will require physical intervention to restore operation.
In addition to serious reputational losses, the attack caused significant technical and financial damage to the Russian gas monopoly.
“The degradation of Russian information systems to the times of technological medievalism continues. Taking the opportunity, we congratulate the Russian ‘cyber specialists’ on yet another ‘achievement’ and recommend gradually replacing mice and keyboards with hammers and crowbars as their primary work tools,” a source from Ukrainian intelligence said.
Earlier this week Kyiv Post reported that cyber specialists from Ukraine’s Defense Intelligence Directorate (HUR), with support from the Ukrainian Cyber Alliance and the BO Team hacker group, have carried out a cyberattack on the network and server infrastructure of Haskar Integration – one of the largest drone suppliers to the Russian Armed Forces.
According to the report, the operation gained access to over 47 terabytes (TB) of technical data related to the production of Russian drones after which all of the data on the manufacturer’s servers was wiped, including 10 TB of backup files.
The cyberattack deprived the company of access to the internet, production and accounting systems were disabled, and the operations of Haskar’s development center were paralyzed. At the drone factory, all doors were remotely locked, forcing employees to exit through emergency exits