The hacker group “Head Mare” carried out a cyber attack, hacking the service systems of “Galaktika” of the Russian Railways (RZD) and the corporation Rosneft. Their actions led to the destruction of hundreds of terabytes of data, including passwords and official documentation, and the removal of 390 virtual servers and workstations of the Galaktika EAM company. The group posted all this information on its Twitter page, making it available for download.
1/3 Mare Head sent greetings to “Galaktika EAM” @GalaktikaCorp @GalaktikaEAM . “The best application” for managers of Russian strategic enterprises. The software source code, logins and passwords are gone. #РЖД #РосНефть #Транснефть #РосАтом pic.twitter.com/5shCbgHO8a
— Head Mare (@head_mare) January 11, 2024
One of the main victims of this attack is the Russian corporation “Galaktika”, a developer of a digitalization platform for large enterprises, holdings and state corporations. The offices and development centres of “Galaktika” are located in various cities, such as Moscow, St. Petersburg, Yekaterinburg, Minsk and Almaty. The corporation has a partner network of more than 200 companies, including Rosneft, Transneft, Rostec, Roskosmos, Russian Railways, Gazprom, FSK UES, Rosatom, Uralvagonzavod, REA, High-speed complexes, KBP, Roselektronika, NPO Energomash and Almaz Antey.
This attack also raises serious questions about cyber security in Russia and the need to improve measures to protect against similar incidents. The situation looks particularly threatening as the affected companies are key players in the country’s energy, transport and manufacturing sectors. Recovering damaged systems and data will require a lot of effort and resources.