Ukraine’s defense intelligence directorate, GUR, has claimed responsibility for a cyberattack on Russia’s state tax service, asserting that it infected thousands of servers and destroyed databases and backups. GUR states that it successfully breached key central servers and over 2,300 regional servers throughout Russia and occupied Crimea. The attack reportedly led to the “complete destruction” of the tax service’s infrastructure, including the disabling of the internet connection between the central office in Moscow and regional branches. GUR alleges that the tax service has been unable to restore its operations for four days and may remain paralyzed for at least a month.
This marks the second cyber operation by GUR on a Russian state agency, with the previous one targeting the civil aviation agency, Rosaviatsia, in November. While GUR claims have not been independently verified, the agency’s previous acknowledgment of successful cyber operations increases the credibility of its statements. The Russian state media has remained silent about the alleged attack, and the tax service has not publicly responded.
The incident reflects a broader trend where pro-Ukraine hacker groups and hacktivists, including collaboration with security services like the SBU, have claimed responsibility for cyber operations against Russian entities. Previous incidents involved attacks on Russian banks, airlines, and internet providers. The cyber conflict between Ukraine and Russia continues to escalate in the digital domain, with each side employing cyber capabilities to target critical infrastructure and government agencies.
It is crucial to note that the absence of independent verification and official statements from the affected Russian entities leaves room for uncertainty regarding the extent and impact of the reported cyberattacks. As geopolitical tensions persist, the cyber domain remains a battleground for state-sponsored and hacktivist-driven operations, underscoring the need for enhanced cybersecurity measures and international cooperation to address cyber threats.
