A Russian citizen has been sentenced to two years in a penal colony for conducting a cyberattack on a local tech company. The attack, which occurred in April 2024, was a distributed denial-of-service (DDoS) assault on a company vital to Russia’s critical infrastructure. The convicted individual, a resident of the Rostov region, was also fined 500,000 rubles (roughly $5,400). The Federal Security Service (FSB) did not reveal who paid the hacker for the attack, but past cases have implicated Ukrainian intelligence agencies.
The case highlights increasing reports of Russian hackers working against their own state or cooperating with foreign entities. In a similar case last October, a Moscow resident was arrested for using Ukrainian software to launch DDoS attacks. These attacks disrupted Moscow’s infrastructure during regional elections, further straining relations between Russia and Ukraine. Russian law enforcement has also been involved in other high-profile cases, including one involving a scientist accused of collaborating with Ukraine’s intelligence services.
In addition to these cases, the FSB arrested a student for aiding the Ukrainian hacker group Cyber Anarchy Squad last year. In a separate incident, a man was charged in February 2025 for causing a regional blackout through a cyberattack on a power plant. These arrests reflect the growing number of prosecutions for domestic cybercrimes in Russia. However, legal actions against major Russian hacking groups have been much slower, particularly the trial of alleged members of the notorious REvil ransomware group.
Despite these prosecutions, Russia has pushed back against international efforts to target its hacking groups. The Russian government rejected U.S. sanctions against members of the Cyber Army of Russia Reborn (CARR), calling them part of a Western propaganda campaign. Legal proceedings against these hacking groups have faced significant delays, and only a fraction of the individuals arrested in the REvil case have appeared in court.
Reference:
