Ukraine’s state-owned nuclear power operator said Russian hackers attacked website
Daryna Antoniuk August 17, 2022

Ukraine’s state-owned nuclear power operator said Russian hackers attacked website

Ukraine’s state-owned nuclear power operator said Russian hackers attacked website

Ukraine’s state nuclear power company Energoatom said on Tuesday that Russian hackers had launched an “unprecedented” cyberattack on the company’s official website.

The Russian hacktivist group People’s Cyber Army, which claims to include more than 8,200 volunteer members, used 7.25 million bot accounts to flood Energoatom’s website with junk traffic, making it unreachable.

The attack lasted three hours but had no larger impact on the company’s operations. Energoatom said in a statement that it managed to quickly regain control of the website and limit the attack.

The People’s Cyber Army boasted of the attack on Telegram late on Tuesday and switched to other targets — the websites of Ukrainian steel manufacturer Dneprospetsstal and the government-run Ukrainian Institute of National Memory. Both websites continue to operate normally as of Wednesday morning.

Russia-based People’s Cyber Army is an analog of the Ukrainian hacktivist group IT Army, which has more than 235,000 followers on Telegram. Both groups carry out distributed denial-of-service attacks on “enemy” websites, fueling the cyber tit-for-tat between Russia and Ukraine.

Most of these attacks have no lasting impact, but they can temporarily disrupt businesses and their customers, who in past incidents haven’t been able to buy train tickets, order food delivery, or watch a movie online while the DDoS attack is underway.

Although the Tuesday attack had no lasting impact on Energoatom, it’s still worth paying attention to, cybersecurity experts say. 

Ukraine’s energy sector is a lucrative target for Russian hackers — they hit it in 2015 and 2016, causing massive power outages. Ukrainian and Western intelligence officials expected more attacks on Ukraine’s energy facilities during the war, but so far there has been only one such incident. Russian hackers attacked a Ukrainian energy provider in April with a new variant of the Industroyer malware that was used by the Sandworm hacker gang in 2016 to cut power in Ukraine. This time, Ukrainian security officials stopped the attack before it could have knocked out power to an estimated two million people.

Ukraine relies on nuclear energy supplied by 15 reactors. In early March, Russia occupied a six-reactor nuclear power plant in the city of Zaporizhzhia and pulled its military equipment there, causing one of the reactors to shut down.

In addition to attacks on the ground, Russia is also actively spreading fake news about Ukraine’s nuclear energy sector. For example, Russian news sites have warned about the possible explosion of the station in Zaporizhzhia due to shelling by Ukraine.

According to Energoatom, Russia wants to instill a fear of a nuclear disaster to reduce foreign military support for Ukraine. Energoatom did not immediately respond to requests for comment on Wednesday.

Daryna Antoniuk is a freelance reporter for The Record based in Ukraine. She writes about cybersecurity startups, cyberattacks in Eastern Europe and the state of the cyberwar between Ukraine and Russia. She previously was a tech reporter for Forbes Ukraine. Her work has also been published at Sifted, The Kyiv Independent and The Kyiv Post.