A cyberattack orchestrated by the Ukrainian volunteer hacker group known as the IT Army has wreaked havoc on Russian internet provider Lovit, causing disruptions in key cities like Moscow and St. Petersburg for three consecutive days. The attack, which commenced last Friday, not only impacted internet services but also led to the disabling of intercom systems in residential buildings linked to Lovit. As a result, inhabitants faced difficulties accessing their homes, while businesses within these buildings encountered issues with their payment terminals and loyalty programs, as reported by local media outlets.
The IT Army, in a bold move, claimed responsibility for the attack and taunted Lovit in a statement released on Monday. The group’s motive appeared to be clear – apply relentless pressure on Lovit to test the resilience of the company’s infrastructure. Despite these claims, independent verification of the IT Army’s involvement remains uncertain.
According to Russia’s internet regulator, Roskomnadzor, the distributed denial-of-service (DDoS) attack on Lovit originated from servers and botnets located in multiple countries, including the U.S., Germany, Sweden, Finland, the Netherlands, France, Croatia, the U.K., and Russia. Lovit’s critical infrastructure and online systems bore the brunt of the attack, causing disruptions to the company’s mobile app, website, and user accounts. Roskomnadzor highlighted Lovit’s lack of preparedness for such a large-scale incident, with ongoing service issues still unresolved as of Monday.
Lovit, an exclusive internet service provider for residential complexes developed by Russia’s leading real estate firm, PIK, has faced criticism previously for its monopolistic practices. Reports emerged that affected residents are planning to lodge a joint complaint with Russia’s antimonopoly service, alleging that Lovit unjustly sets prices above market rates and obstructs access to alternative service providers.
A Lovit user named Denis shared his ordeal with local media, recounting the chaos caused by the prolonged attack: “It’s been three days, and nothing is working — no internet, no intercoms, no cash registers in stores. Complete collapse.” Experts from a Russian cybersecurity firm, Visum, suggested that Lovit was a strategic target due to its crucial role as the primary provider for PIK’s residential complexes, enabling maximum damage potential.
The incident reflects a broader trend of pro-Ukrainian hacker groups targeting Russian internet providers. The IT Army’s cyber assaults on Russia have surged in the past year, focusing increasingly on regional telecom operators. In a similar vein, the Ukrainian Cyber Alliance previously claimed responsibility for an attack on Russian internet provider Nodex, resulting in significant infrastructure damage.
Further illustrating the vulnerability of Russian telecom companies, recent incidents include cyberattacks on major providers like Rostelecom, Beeline, and MegaFon. These attacks, attributed to politically motivated threat actors, underscore the heightened risks faced by the telecom sector in Russia. Last year alone, over 30% of all DDoS attacks in the country were directed at telecommunications companies, with a vast majority linked to politically driven agendas.
As cybersecurity threats continue to evolve, the need for robust defense mechanisms and proactive measures to mitigate cyber risks has never been more crucial. The recent wave of cyberattacks targeting Russian internet providers serves as a stark reminder of the persistent and escalating cyber warfare tactics employed by various threat actors worldwide.