Russia

A cyberattack on the Russian Federal Air Transport Agency's (Rosaviatsia) infrastructure allegedly erased all documents, files, aircraft registration data and emails from the servers. The agency lost nearly 65 terabytes of data.

An unidentified group (presumed to be the Anonymous Hacking Group) carried out an extremely effective attack on the Russian Federal Air Transport Agency. As part of the attack, all aircraft registration data and emails, totaling approximately a massive 65 terabytes of data, were deleted from the Agency's servers. The attack was so successful that until back-up copies of the electronic data could be found the Agency was forced to resort to using pen and paper and to sending information in hard copy through the post.

There are reports claiming that the mass loss of data may be irretrievable, and sources claim that due to a lack of government funds, many files at Rosaviatsiya were never backed up.

Pharmaceutical company Dr Reddy's, which is developing a Covid-19 vaccine, stated it has been hit by a cyber-attack. Sites around the world have been affected, including those in the UK, Brazil, India, Russia and the US. The India-based company said it had isolated all of its data centre services to contain the attack. The attack came only days after the pharmaceutical company was gearing up for a phase 2/3 clinical trial of Russia’s COVID-19 vaccine, dubbed Sputnik V, after gaining the trial go-ahead from Indian regulators last week.

Russian streaming giant START said on Sunday that the personal information of its customers was leaked during a cyberattack. The company did not disclose how many users were affected by the breach. The Russian Telegram channel Information Leaks — which first publicized the incident — reports the 72 GB database contains data on 44 million customers. The leaked information includes usernames, email addresses, hashed passwords, IP addresses, users’ countries of registration, subscription start and end dates, and the last login to the service.

START, which sells films and TV shows in more than 174 countries, is one of many Russian companies that have suffered data leaks and hacks following Russia’s invasion of Ukraine. The data breach allegedly affects viewers worldwide, including 24.6 million users from Russia, 2.3 million from Kazakhstan, 2.1 million from China, and 1.7 million from Ukraine.

WIZARD SPIDER is a sophisticated eCrime group that has been operating the Ryuk ransomware since August 2018, targeting large organizations for a high-ransom return. This methodology, known as “big game hunting,” signals a shift in operations for WIZARD SPIDER. This actor is a Russia-based criminal group known for the operation of the TrickBot banking malware that had focused primarily on wire fraud in the past.