Security News > 2022 > March > Russian government sites hacked in supply chain attack

Russia says some of its federal agencies' websites were compromised in a supply chain attack on Tuesday after unknown attackers hacked the stats widget used to track the number of visitors by multiple government agencies.

The list of sites impacted in the attack includes the websites of the Energy Ministry, the Federal State Statistics Service, the Federal Penitentiary Service, the Federal Bailiff Service, the Federal Antimonopoly Service, the Culture Ministry, and other Russian state agencies.

"It is difficult to compromise these websites directly, so hackers attack resources through external services and thus gain access to demonstrate incorrect content," the press service of the Russian Ministry of Economic Development told Interfax.

This comes after the Russian government shared a list of more than 17,000 IP addresses allegedly used in DDoS attacks against Russian networks.

The Federal Security Service's National Coordination Center for Computer Incidents warned Russian organizations to take measures to counter threats to their information security and shared guidance to defend against such attacks.

"There are nonstop cyberattacks on Russian sites from abroad. We are getting prepared for various scenarios in order to ensure the accessibility of Russian [online] resources. There are no plans to switch off the internet from inside ," a spokesperson told Interfax.

News URL

https://www.bleepingcomputer.com/news/security/russian-government-sites-hacked-in-supply-chain-attack/