"The most powerful in history": Russian providers have not yet recovered from the June cyberattack by the GRU

"The most powerful in history": Russian providers have not yet recovered from the June cyberattack by the GRU

Kyiv  •  UNN

July 1 2024, 11:22 AM • 23455 views

In late June, the Main Intelligence Directorate of the Ministry of Defense of Ukraine launched a large-scale cyberattack that left at least 250,000 subscribers in the temporarily occupied territories, primarily in Crimea, without communication for more than two days, causing serious damage to Russian providers and their infrastructure.

In late June, a large-scale cyberattack carried out by the Defense Intelligence of Ukraine left at least 250,000 subscribers in the temporarily occupied territories of Ukraine, primarily in Crimea, without communication. Representatives of Russian providers call it the most powerful DDos attack they have ever experienced. This was reported to UNN by a source in the GUR. 

Details 

In an interview, Ivan Zima, CEO of one of Russia's telecom operators, said that after the GRU cyberattack, it took at least 16 hours for providers to restore at least partial communication. In fact, a significant number of subscribers remained without communication for more than two days, the source told UNN. The attack affected both the networks of subscribers and the networks of operators that used the affected infrastructure.

According to the providers themselves, they had difficulty communicating with their subscribers during the restoration of the connection. Fearing traditional Russian fraud, subscribers refused to provide operators with their current contact information, and 20% of subscribers refused to upgrade their network equipment, which could protect them from further attacks in the future.

At the same time, according to UNN's source in the GUR,  the provider had to hire hundreds of additional technical specialists, in particular to process numerous requests from dissatisfied customers.

One of the most affected providers was Miranda Media. Its subscribers not only had no access to communication, but were also unable to pay for services due to the damage to the billing system.

Users of Miranda Media (which operates under the Mirtelecom brand in the occupied territories) could not use the network in Crimea and in the temporarily occupied territories of Zaporizhzhia and Kherson regions. In addition, the networks of the Russian provider Farline suffered significant damage, primarily in Crimea.

According to a source in the GUR, similar attacks continued. In particular, the networks of the same "Miranda Media", servers of propaganda media, servers of local occupation authorities, contact centers, registration and traffic control systems on the Kerch Bridge, resources and network infrastructure of airports, payment systems were under attack. 

This resulted in the suspension of work of cash registers in a number of cities in the occupied Crimea, delays in many flights, and significant traffic jams on the Crimean bridge.