Retaliation in Cyberspace: Russian Water Utility Faces Disruption in Blackjack Cyberattack
On December 20, 2023, Rosvodokanal, a Russian water utility company, reported a cyberattack allegedly carried out by the Ukrainian hacker group Blackjack.
Several undisclosed law enforcement sources confirmed the occurrence of a cyber assault on the IT infrastructure of the Russian water utility. Shortly after, a cyberattack targeted Kyivstar, a Ukrainian phone company, attributed to Russian hackers, resulting in widespread network and internet failures.
Furthermore, experts speculate that this incident is a retaliatory measure for a previous cyberattack on Kyivstar.
According to reports from Ukrainska Pravda, there is a possibility that the Security Service of Ukraine (SBU) played a supporting role in the cyberattack on Rosvodokanal’s digital infrastructure.
Blackjack’s Alleged Offense: Targeting Rosvodokanal’s Digital Fortifications
Moreover, accusations point to Blackjack targeting over 6,000 computers and erasing more than 50 terabytes (TB) of data, including backup files, correspondence, and internal documents. The SBU is reportedly examining 1.5 TB of Rosvodkanal data.
Despite claims of a cyberattack, Rosvodkanal has not provided any updates on its website or social media channels. Mikhail Fridman, a Russian oligarch under sanctions and co-owner of the Alfa Group, which includes Rosvodkanal, is responsible for providing water to approximately 7 million people.
Furthermore, in November, the Aliquippa Municipal Water Authority experienced a cyberattack believed to be linked to Iranian hackers. The attack targeted the booster station system regulating water pressure in Raccoon and Potter Townships. Authorities reassured the public that the water supply for over 6,600 customers in Aliquippa and surrounding areas remained unaffected.
Responding promptly to the cyberattack triggered by an alarm, the utility shut down the compromised system. Water facility representatives emphasized that there was no significant risk to the drinking water or overall water supply.
The hacktivist group Cyber Av3ngers, allegedly tied to Iran, claimed responsibility for the attack. They attributed their actions to animosity towards Israel and targeted an industrial control system (ICS) produced by the Israeli company Unitronics.
Blackjack’s Involvement in Russian Ministry Breach
In late November, RBC Ukraine reported that the Blackjack group, working with the SBU, compromised the Russian Labor and Social Protection Ministry’s website and downloaded a substantial amount of sensitive data.