Russian state media company operation disrupted by ‘unprecedented’ cyberattack

Siva Ramakrishnan
Russian state television and radio broadcasting company VGTRK was hit by a cyberattack on Monday that disrupted its operations, the company confirmed in a statement to local news agencies.

Russian state television and radio broadcasting company VGTRK was hit by a cyberattack on Monday that disrupted its operations, the company confirmed in a statement to local news agencies.

While a VGTRK spokesperson initially downplayed the impact of the attack, claiming it did not cause significant damage, local media reported that the broadcast of several television channels owned by VGTRK, including Russia 1 and Russia 24, was cut off mid-program and resumed nearly an hour later.

An anonymous source at the company told the Russian media outlet Gazeta.ru that the hackers erased data from the company’s servers, including backups. Recorded Future News could not independently verify this information.

VGTRK owns and operates Russia’s major national and regional TV channels and radio stations. Following Russia’s invasion of Ukraine, the company was sanctioned by the European Union, Canada and the U.K. for its affiliation with the Russian government and its role in spreading pro-Kremlin propaganda.

Russia’s presidential press secretary, Dmitry Peskov, confirmed the attack on VGTRK on Monday and said that an investigation into the incident is ongoing. A representative of the Russian Ministry of Foreign Affairs, Maria Zakharova, said the attack “aligns with the West’s anti-Russian agenda” and called it part of a “hybrid warfare” campaign against Russia.

Zakharova added that Russia will raise the issue internationally, including with organizations such as the United Nations and UNESCO. “We understand that when the collective West says it aims to inflict a strategic defeat on Russia, this includes an attack on the media,” she stated.

Russian cybersecurity firm F.A.C.C.T. noted that information about the cyberattack on VGTRK appeared on the official social media account of the pro-Ukrainian hacktivist group Sudo rm-RF.

Researchers said that the group has been conducting attacks on large Russian companies and leaking their data since March 2022. Their reported victims include RuTube, the Skolkovo innovation center, and various Russian medical institutions.

Hacks on media outlets, including television channels, have become common during the cyberwar between Ukraine and Russia. Earlier in May, Russia-aligned hackers hijacked several Ukrainian television channels to broadcast a Victory Day parade in Moscow, commemorating the defeat of Nazi Germany in World War II.

In April, pro-Russian hackers breached Starlight Media to broadcast Russian advertisements and a fragment of the Swan Lake ballet, which was often aired in Russia during the collapse of the USSR or other periods of political turmoil.

Last July, two radio stations owned by one of Ukraine’s largest broadcasters were hacked to spread fake messages claiming that President Volodymyr Zelensky was hospitalized and in critical condition.

The hackers often combine cyberattacks with disinformation campaigns against targeted media outlets. In February, Russian hackers breached several popular Ukrainian media outlets, posting fake news related to the war. All of these websites were hacked to spread the same piece of false information — that Russia had destroyed a unit of Ukrainian special forces in an eastern Ukrainian city.

CybercrimeNewsTechnology
Get more insights with the

Recorded Future

Intelligence Cloud.

Learn more.

No previous article

No new articles

Daryna Antoniuk

is a reporter for Recorded Future News based in Ukraine. She writes about cybersecurity startups, cyberattacks in Eastern Europe and the state of the cyberwar between Ukraine and Russia. She previously was a tech reporter for Forbes Ukraine. Her work has also been published at Sifted, The Kyiv Independent and The Kyiv Post.

 

Total
0
Shares
Previous Post

American Water Works believes no water, wastewater facilities affected by cyberattack

Next Post

UN cybercrime treaty lead negotiator: US will suffer if it doesn’t vote yes

Related Posts

INTERPOL Busts African Cybercrime: 1,006 Arrests, 134,089 Malicious Networks Dismantled

An INTERPOL-led operation has led to the arrest of 1,006 suspects across 19 African countries and the takedown of 134,089 malicious infrastructures and networks as part of a coordinated effort to disrupt cybercrime in the continent. Dubbed Serengeti, the law enforcement exercise took place between September 2 and October 31, 2024, and targeted criminals behind ransomware, business email
Avatar
Read More