A Russian citizen has recently been handed a two-year sentence in a penal colony for orchestrating a cyberattack on a local tech company. The assault, which took place in April 2024, was a distributed denial-of-service (DDoS) attack on a business crucial to Russia’s critical infrastructure. Along with the prison term, the individual, a resident of the Rostov region, was also slapped with a fine of 500,000 rubles, equivalent to around $5,400. The culprit’s identity was not disclosed by the Federal Security Service (FSB), but previous instances have suggested involvement of Ukrainian intelligence agencies.
This incident sheds light on the growing trend of Russian hackers turning against their own country or collaborating with foreign entities. In a similar case last October, a Moscow resident was apprehended for utilizing Ukrainian software to carry out DDoS attacks that disrupted Moscow’s infrastructure during regional elections, further souring relations between Russia and Ukraine. Russian law enforcement has been actively pursuing other high-profile cases as well, including one where a scientist was accused of cooperating with Ukrainian intelligence services.
Apart from these examples, the FSB arrested a student last year for assisting the Ukrainian hacker group Cyber Anarchy Squad. In a separate incident, a man was charged in February 2025 for triggering a regional blackout through a cyberattack on a power plant. These arrests signify the increasing number of prosecutions for domestic cybercrimes within Russia. However, legal actions against major Russian hacking groups have been relatively sluggish, especially in the trial of suspected members of the infamous REvil ransomware group.
Despite the ongoing prosecutions, Russia has been resistant to international attempts to target its hacking factions. The Russian government denounced U.S. sanctions imposed on members of the Cyber Army of Russia Reborn (CARR), dismissing them as part of a Western propaganda ploy. Legal proceedings against these hacking groups have encountered significant delays, with only a small fraction of the individuals arrested in the REvil case making appearances in court.
While the Russian government’s stance on cybersecurity remains steadfast, the authorities are increasingly cracking down on internal cyber offenders. The surge in prosecutions for domestic cybercrimes suggests a growing recognition of the threat posed by cyberattacks, both from foreign entities and within Russia itself. The country’s cybersecurity landscape is evolving rapidly, and as more cases like these come to light, it is clear that Russia is taking a proactive stance in combating cyber threats, both foreign and domestic.