Powered by MOMENTUM MEDIA
cyber daily logo
Breaking news and updates daily. Subscribe to our Newsletter

Russian hackers blamed for cyber attack on Ukrainian energy firm DTEK Group

DTEK Group, Ukraine’s biggest private energy conglomerate has been hit by a Russian hacking group with a cyber attack, allegedly in retaliation to the owner’s opposition to Russia’s war in Ukraine.

user icon
Fri, 08 Jul 2022
Russian hackers blamed for cyber attack on Ukrainian energy firm DTEK Group
expand image

According to the DTEK Group, the hackers aimed to "destabilise the technological processes" of its distribution and generation firms, spread propaganda about the company's operations and "to leave Ukrainian consumers without electricity".

The cyber attacks didn't have "any negative effect on DTEK's operations" so far, according to Antonina Antosha, a DTEK spokesperson.

Speaking with CNN, Antosha confirmed that "all systems operate in a regular mode".

============
============

The Russian hacking group known as XakNet posted screenshots on the Telegram app of the alleged DTEK data as proof, claiming to have breached DTEK's networks.

On its Telegram channel, XakNet has denied accusations that that it works with the Russian government.

According to Alden Wahlstrom, a senior analyst at US cyber security firm Mandiant, which has investigated some of XakNet's activity, there is evidence of a possible link between XakNet and the Russian government.

The hacking group has had access to data belonging to an organisation that was likely hacked by a Russian cyber espionage group, suggesting a possible link between XakNet and the Russian government.

According to DTEK, the hacking incident coincided with Russian shelling of a DTEK-owned thermal power plant in Kryvyi Rih in central Ukraine, whose website states it employs 56,000 people. The hacking incident was disclosed days after Rinat Akhmetov, Ukraine's richest man and DTEK owner, sued Russia at the European Court of Human Rights for allegedly costing Akhmetov billions of dollars in property rights damages, according to CNN.

XakNet surfaced in March, according to a US and allied government advisory, and has claimed to target Ukrainian officials in support of Russia's war.

The hacking group allegedly targeted electric equipment in an area serving two million people in Ukraine in April, but Ukrainian officials claimed the hack was thwarted.

DTEK, which owns coal and thermal power plants in various parts of Ukraine, is the latest to have been targeted by Russian-linked hackers. Ukrainian energy providers have consistently been the target of Russian hacking teams since Russia annexed Crimea in 2014, according to CNN. The Justice Department blamed Russia's military intelligence service for cyber attacks on electric utilities in 2015 and 2016 that cut power in parts of Ukraine.

"The company makes every effort to ensure the stable operation of Ukraine's energy system during the war and to ensure uninterrupted power supply to Ukrainian consumers," DTEK stated in a statement.

Russian hacking has sometimes been used in tandem with kinetic military strikes according to a Microsoft report in April, after a cyber attack hit a Ukrainian broadcast company in March, the same day as a Russian missile strike against a TV tower in Kyiv, the report said.

[Related: North Korean hackers targeting health services sector]

newsletter
cyber daily subscribe
Be the first to hear the latest developments in the cyber industry.