A Ukrainian cyber unit reportedly attacked one of Russia’s largest logistics giants, Eltrans+, which serves 5,000 businesses and is also a key player in shipping sanctioned goods and electronic components from China.
In the early hours of December 6th, a devastating blackout rolled across the servers of Eltrans+. The company is one of Russia’s largest logistics and customs brokerage firms, serving more than 5,000 Russian businesses, ranging from small shops to major industrial players.
For most Russians waking up that morning, the message on the company’s website was loudly proclaiming Ukraine’s Armed Forces Day. Behind the attack was a joint operation between Ukraine’s Defense Intelligence (HUR) cyber unit and the hacker collective known as BO Team.
“This wasn’t disruption – it was a full blackout of their digital infrastructure,” the source in Ukraine’s special services told Kyiv Post.
According to sources who spoke with Ukrainian media, the attackers tore through more than 700 computers and servers, wiped out over 1,000 user accounts, and destroyed or encrypted 165 terabytes of critical data.
The company’s core data center network equipment was also taken down. The attackers also completely deleted cargo declarations, which are essential documents for moving goods through Russia’s customs pipeline.
According to Ukrainian media, the company is also a key player in shipping sanctioned goods and electronic components from China, which are used in Russia’s defense industry.
Ukraine's Defense Intelligence (HUR) specialists, working with the BO Team, launched a cyberattack overnight on December 6th, targeting the information and communications infrastructure of the Russian logistics company Eltrans+, according to sources that contacted Ukrainian media.
The Eltrans+ takedown isn’t a one-off act of hacktivism. It’s the latest in a rolling campaign of deep-cut cyberattacks orchestrated by HUR since the summer.
On June 12th, a targeted strike on Siberia’s Orion Telecom left the regional provider counting more than 66 million rubles in losses. The attack caused widespread internet and television outages across several Siberian cities, including Krasnoyarsk, Irkutsk, Bratsk, and Abakan.
On July 17th, Ukrainian intelligence operatives tore into Russian energy giant Gazprom’s network, wiping out data tied to contracts, deliveries, and facility management. Sources told Ukrainian media that HUR obtained full access to all of Gazprom’s information systems, achieving a depth of penetration that the source described as “unprecedented.”
Just weeks later, between September 24th and 25th, Ukrainian cyber units launched a successful DDoS attack against Russia’s national payment system, SPB, resulting in $30 million in damages. The attack also hit major telecom provider TransTeleCom, disrupting services.
Pro-Ukrainian hackers, who were also responsible for a massive breach of Russia’s national airline Aeroflot, took over Russia’s TV airwaves on the 34th anniversary of Ukraine’s independence from Moscow, replacing its regular programming with hours of damning battlefield footage to show the "truth" of war.
Hybrid warfare is weighing on both sides
According to a report by Google Threat Intelligence Group (GTIG), Russia is increasingly relying on cybercriminals for intelligence and cyberwarfare operations to support its state goals, such as Russia’s war in Ukraine.
“Russian intelligence services have increasingly leveraged pre-existing or new relationships with cybercriminal groups to advance national objectives and augment intelligence collection. They have done so in particular since the beginning of Russia's full-scale invasion of Ukraine,” Google says in the report.
Cybercriminal gangs often purchase malware, credentials, or other key resources from illicit forums, which is usually cheaper than developing them in-house. It also allows them to attract less notice.
NATO’s senior military officer, Admiral Giuseppe Cavo Dragone, told media that in terms of cyber and Russia’s hybrid warfare strategies, the alliance was “studying everything” and the shift was moving from being reactive to becoming “more aggressive” and “proactive.”
While Russia has waged war on Ukraine since February 2022, Moscow has also increased its hybrid attacks across Europe. Hybrid war incidents include the cutting of internet cables in the Baltic Sea and cyberattacks across the continent, from hacks of Ireland’s airports to attacks on Poland’s critical infrastructure.
Other incidents include GPS jamming, incursions by fighter aircraft and naval vessels, and an explosion on a key Polish rail link ferrying military aid to Ukraine.
Unlock more exclusive Cybernews content on YouTube.
Your email address will not be published. Required fields are markedmarked