By James Pearson and Tom Balmforth
LONDON (Reuters) – Hackers linked to Ukraine’s main spy agency have breached computer systems at a Moscow-based internet provider in retaliation for a Russian cyber attack against Ukrainian telecom giant Kyivstar, a source with direct knowledge of the operation told Reuters on Tuesday.
The hacking group, dubbed “Blackjack”, has previously been linked to the Security Service of Ukraine (SBU). The hackers deleted 20 terrabytes of data at M9 Telecom, a small Russian internet and TV provider, leaving some Moscow residents without internet, the source said.
The digital intrusion was a warm-up for a larger cyber attack which would be “serious revenge for Kyivstar”, the source said, citing the hackers. The source did not say when the hack took place.
M9 Telecom did not respond to an emailed request for comment. The company’s website was still online on Tuesday, despite claims by the hacking group that it had been destroyed.
Reuters was unable to independently verify the extent to which the hack was successful. Reached by phone, M9 Telecom’s CEO Andrey Pavolvsky declined to comment.
Kyivstar, Ukraine’s largest mobile network operator, was knocked offline by Russian spies last month in what appeared to be the largest cyber attack since Moscow launched its war on the country in February 2022.
Russian hackers were inside Kyivstar’s systems for months before the attack, Ukraine’s cyber spy chief, Illia Vitiuk, told Reuters last week. The hack caused “disastrous” destruction at the company, he said.
Separately, Ukraine’s military intelligence agency, the GUR, said late on Monday that it had received a large cache of classified Russian military data from the Special Technology Centre (STC), a sanctioned Russian company which produces the Orlan drone and a range of intelligence equipment for Moscow. (This story has been refiled to change the picture)
(Reporting by James Pearson and Tom Balmforth; Additonal reporting by Gleb Stolyarov in Tbilisi, editing by Ed Osmond)