Russian government sites hacked in supply chain attack

Russia says some of its federal agencies’ websites were compromised in a supply chain attack on Tuesday after unknown attackers hacked the stats widget used to track the number of visitors by multiple government agencies

The list of sites impacted in the attack includes the websites of the Energy Ministry, the Federal State Statistics Service, the Federal Penitentiary Service, the Federal Bailiff Service, the Federal Antimonopoly Service, the Culture Ministry, and other Russian state agencies.

The incident was discovered Tuesday evening after the attackers published their own content and blocked access to the websites.

“It is difficult to compromise these websites directly, so hackers attack resources through external services and thus gain access to demonstrate incorrect content,” the press service of the Russian Ministry of Economic Development told Interfax.

“After hacking the widget, hackers were able to publish incorrect content on the pages of the websites. The incident was promptly localized.”

The Russian Digital Development Ministry claims the state agencies’ websites were brought back within an hour after the breach.

Ukraine and Russia targeting each others’ networks

This comes after the Russian government shared a list of more than 17,000 IP addresses allegedly used in DDoS attacks against Russian networks.

The Federal Security Service’s National Coordination Center for Computer Incidents (NKTsKI) warned Russian organizations to take measures to counter threats to their information security and shared guidance to defend against such attacks.

These warnings came after the Ukrainian Vice Prime Minister Mykhailo Fedorov announced the creation of an “IT army” to support the country’s “fight on the cyber front.”

The creation of the Ukrainian IT Army was revealed after the Defense Ministry of Ukraine started recruiting members of Ukraine’s underground hacker community to launch cyberattacks against Russia and was prompted by a “massive wave of hybrid warfare.”

On Monday, the Russian Digital Development Ministry also denied reports that Russia plans to disconnect Russia from the worldwide web.

“There are nonstop cyberattacks on Russian sites from abroad. We are getting prepared for various scenarios in order to ensure the accessibility of Russian [online] resources. There are no plans to switch off the internet from inside [the country],” a spokesperson told Interfax.

Source: https://www.bleepingcomputer.com/news/security/russian-government-sites-hacked-in-supply-chain-attack/