Suspected Ukrainian Cyberattack Knocks Out Parking Enforcement in Russian City

Summary: Residents of Tver, Russia, enjoyed free parking for nearly two days due to a reported “technical failure” in the digital payment system, which a hacker group claims was a result of a cyberattack on the city’s administrative network. The Ukrainian Cyber Alliance asserted responsibility for the disruption, claiming extensive damage to the city’s digital infrastructure.

Threat Actor: Ukrainian Cyber Alliance | Ukrainian Cyber Alliance
Victim: Tver Administration | Tver Administration

Key Point :

  • The Ukrainian Cyber Alliance claimed to have taken down Tver’s administrative network, affecting various digital services.
  • Local officials initially attributed the disruption to a technical failure, but cybersecurity experts noted the city’s official website was offline.
  • This incident follows a pattern of pro-Ukraine hackers targeting Russian services, including previous attacks on Russian courts.
  • The Ukrainian Cyber Alliance has been active since 2016, intensifying its operations against Russia since the invasion of Ukraine.

Residents of the northwestern Russian city of Tver were able to park for free for nearly two days due to what local authorities referred to as a “technical failure” in the digital parking payment system.

However, a hacker group known as the Ukrainian Cyber Alliance is offering another possible reason for the disruption: a cyberattack on the city’s administrative network.

In a statement on Tuesday, the group’s spokesperson said the hackers had taken down the network and claimed to have wiped out “dozens of virtual machines, backup storage, websites, email, and hundreds of workstations.”

“They have nothing left. The internet is down, phones aren’t working, and even the parking system is dead,” the spokesperson claimed, sharing screenshots of the allegedly breached systems to support the claims.

Tver officials initially didn’t comment on the hackers’ claim, though some local cybersecurity experts noted the city’s official website was offline. A day after the alleged attack, Tver’s administration issued a statement saying that technical work was underway on its website and the online parking payment platform, making them temporarily unavailable. 

Local residents reported that when attempting to make a payment, they received error messages or experienced app loading failures, with a “request timeout” error.

On Thursday, city officials announced that parking payment services had been restored, though they did not confirm whether a cyberattack had occurred.

This is not the first time pro-Ukraine hackers have claimed responsibility for attacks on Russian services. Earlier in October, hackers from the BO Team, a pro-Ukraine group known for cooperating with Ukrainian military intelligence on several operations against Russia, stated they had breached the system used by Russian courts. 

Following the attack, the websites of Russian general jurisdiction courts remained down for weeks, along with their communication network and email services. At that time, the court website outages were similarly attributed to a “technical failure.”

The Ukrainian Cyber Alliance is a community of pro-Ukraine cyber activists formed in 2016. They joined the fight against Russia when it invaded Ukraine two years ago. Last October, they claimed to have breached Russia’s national card payment system and obtained user data. The government-run National Payment Card System (NSPK) confirmed at that time that its website was indeed hacked.

The group also reported taking down the leak site run by the Trigona ransomware group, which may have connections to the Russia-linked AlphV gang, also known as BlackCat.

Get more insights with the

Recorded Future

Intelligence Cloud.

Learn more.

Source: https://therecord.media/ukraine-cyberattack-russia-parking-tver