Ukraine’s military intelligence agency, HUR, recently claimed responsibility for a cyberattack on Russia’s digital certification agency, Osnovanie. The attack, allegedly executed with assistance from the hacker group BO Team, disrupted Osnovanie’s website and left a defacement message. This message, signed by the attackers, claimed that compromised data would be sold to support Ukraine’s military. Though the attackers hinted at acquiring sensitive digital signature data, Osnovanie has stated that user cryptographic keys remain isolated and secure from external access.
Following the attack, Osnovanie suspended its operations to implement enhanced security policies and access controls, aiming to resume services by September 12. However, as of this week, Osnovanie’s websites remained unavailable, leaving Russian users unable to authenticate digital signatures required for essential tasks like business documentation and tax filing. Osnovanie’s statement on its Telegram channel assured users that an update would soon be provided, though details were sparse.
Osnovanie’s leadership indicated that the attack originated from servers based in the U.S., Netherlands, and Estonia. While the agency did not officially attribute the incident to Ukraine, the attackers’ claims and HUR’s involvement lend weight to this theory. This incident marks a rare instance where a Ukrainian cyber operation caused visible disruptions, demonstrating an escalated cyber conflict and raising concerns about cross-border digital security risks.
Previously, in 2022, Osnovanie faced a distributed denial-of-service (DDoS) attack by the Ukrainian hacker group IT Army. This latest breach intensifies the ongoing cyber warfare between Ukraine and Russia, impacting Osnovanie’s users and revealing vulnerabilities in Russian digital infrastructure that could be exploited in future conflicts.
Reference:
