Following a daring drone attack on Russian airfields, Ukrainian military intelligence has reportedly also hacked the servers of Tupolev, the Kremlin’s strategic bomber maker.
Local media reports that the Defense Intelligence of Ukraine managed to exfiltrate over 4.4GB of data from Tupolev’s servers, including official correspondence, personal data of employees, engineer résumés, purchase records, residential addresses, and minutes from closed-door meetings.
“The significance of the data obtained cannot be overestimated. Now, in fact, there is nothing secret left in Tupolev’s activities for Ukrainian intelligence,” a source told Interfax.
“In particular, we have obtained comprehensive information about individuals directly involved in servicing Russian strategic aviation. The result will obviously be noticeable both on the ground and in the sky.”
In addition to apparently stealing data, the attackers defaced the Russian aircraft builder’s website. The Defense Intelligence agency’s logo is an owl holding a dagger in its claws, and visitors to the Russian site saw an owl clutching a bomber instead. The website now redirects to the United Aircraft Corporation (UAC) page instead, a conglomerate of aircraft manufacturers that includes Tupolev.
It’s a second blow to Russian confidence after last weekend’s drone attack on Russian airbases using 18-wheel trucks, or what some wags are calling Ukrainian aircraft carriers. The trucks reportedly carried prefabricated homes with dummy roofs that were automatically raised to let loose 117 explosives-laden drones that destroyed or damaged a claimed 41 bombers and air radar craft, a score that Russian state media disputes, saying there was damage to “several” aircraft.
Over the last three years of warfare, Ukrainian computer experts have become increasingly adept at online defense and attack. At the outbreak of the renewed Russian invasion of 2022, Western governments worked closely with the Ukrainians to bolster defenses, and while the Russians did score some successes, overall it wasn’t able to dominate the smaller country as some had been expecting.
In August 2023, the then-US government cybersecurity tsar at CISA, Jen Easterly, told attendees at the Black Hat hacking conference in Las Vegas that the Ukraine partnership was “probably the closest we’ve worked – operationally speaking – with any foreign partner in terms of how we’re thinking about sharing information with our computer emergency response team and enriched with what we’re both getting from the private sector and other national partners.”
Ukraine and the West have been sharing information on protecting networks, but it now appears the embattled state is willing to take a more offensive role. While some Tupolev engineers and other staff have been doxed, there’s no suggestion that they might be individually targeted for harm.
After both the drone bombing and now an online attack, the Russians need to save face with a high-profile attack on its adversary, Putin apparently told President Trump today.
“President Putin did say, and very strongly, that he will have to respond to the recent attack on the airfields,” Trump said on his social media site on Wednesday.
The Register contacted Defense Intelligence of Ukraine and Tupolev for more details. ®
