The GUR’s cyber corps has reportedly carried out a significant attack on Filanko, a major private internet and hosting provider in Russia. This company serves a broad clientele, including major telecommunication companies like Beeline and MGTS, as well as various Russian security forces. The operation, which was confirmed by intelligence sources to “Babel,” marks a notable escalation in the cyber warfare between Ukraine and Russia. The attack was comprehensive, targeting the core infrastructure of the provider and aiming to cripple its operational capabilities.
The impact of the cyber assault on Filanko’s infrastructure was severe and widespread. According to reports, the attack led to the failure of 600 virtual machines and 24 hypervisors, which are critical components for managing virtualized environments. Additionally, 11 physical servers were destroyed, along with an immense 800 terabytes of data. This data destruction extended to 12 terabytes from sensors and an additional 5 terabytes from five physical servers located in the company’s office. Such a massive loss of data and computational power would likely cause significant disruption to Filanko’s services and its clients, particularly the Russian security forces who rely on its infrastructure for communications and operations.
The GUR cyber specialists also targeted the company’s network and monitoring equipment, further compounding the damage. The attack disabled 3,100 pieces of switching equipment, including 37 service routers, kernel routers, and network boundary devices. These components are essential for directing internet traffic and maintaining network connectivity. By disabling them, the GUR likely caused widespread network outages and disruptions, isolating Filanko’s clients and hindering their ability to communicate. Furthermore, 74 devices used for remote data monitoring were destroyed, effectively blinding the company to the status of its own data centers and making it difficult to assess the full extent of the damage.
In a move that added financial insult to infrastructural injury, the cyber corps also targeted the company’s financial assets. They reportedly “poured” $1.3 million from the company’s personal account into cryptocurrency wallets. This act not only inflicted a direct financial loss but also demonstrated the GUR’s deep penetration into Filanko’s systems, from operational infrastructure to financial management. Such a coordinated attack on both physical and financial assets highlights a sophisticated level of planning and execution.
Finally, the operation included a psychological and propaganda element. The GUR cyber specialists hacked a website that sells “alarm suitcases” to Russian security forces. On the main page of this resource, they published a photograph of destroyed Russian soldiers in Ukraine. This act serves a dual purpose: to mock the Russian security forces and their suppliers, and to broadcast a clear message about the human cost of the war to a domestic Russian audience. This component of the attack illustrates that the GUR’s cyber efforts are not solely focused on technical disruption but also on influencing morale and public perception.
Reference: