Head Mare hackers breach Russian defense enterprise, leaking sensitive missile documentation online
The hacker group Head Mare published the internal documentation of the Russian scientific and industrial association "Vysokotochnye sistemy i tehnologii" ["High-tech Systems and Technologies" – ed.], which works in the defense industry and is under international sanctions.
This was announced on the group's X network (Twitter) page.
The hackers' archive includes technical details about the products, information on the responsible companies, and personal data of their employees.
Photo: social networks X / Head Mare
The technical documentation published so far includes detailed information about the new Gvozdika hypersonic target missile, developed to train air defense systems (APD) calculations to intercept high-speed targets.
Published documents include:
- 3D models of the product from various companies,
- rocket characteristics,
- test results of individual components,
- list of persons responsible for this program.
1/7 Хэд Марэ пришла в гости к НПО «Высокоточные системы и технологии» из города @Izh_gov, которую отжал #калашников. В нашем распоряжении секретная документация на оружие и информация о сотрудниках и поставщиках pic.twitter.com/eulsgZvpDV
— Head Mare (@head_mare) February 17, 2024
Also among the published documentation is information on the testing and production of the 9M333 anti-aircraft guided missile components. It is used as part of the Strela-10M4 anti-aircraft missile complex and is equipped with an infrared homing head.
In December 2020, the "Kalashnikov" concern, which includes "Vysokotochnye sistemy I tehnologii," announced the successful completion of tests and the start of serial production of this missile.
In addition, the hackers noted that despite the large amount of documentation and instructions related to the cyber protection of classified information, they easily broke into the company's internal network.
For reference:
"High-tech Systems and Technologies" is a Russian company that designs and produces weapons. It is a top company in Russia for developing and manufacturing tactical ballistic missile systems. It is under the state corporation "Rostech" and has been a part of the Kalashnikov concern since 2016.
The enterprise manufactures the anti-aircraft missile system "Pantsir" and ballistic missiles "Iskander."
The company is engaged in the production of small arms and high-precision projectiles. In particular, it specializes in developing and producing short-range guided missiles and airborne and ground-based elements of anti-aircraft missile systems.
Due to Russia's invasion of Ukraine, the company is under international sanctions by Ukraine, the European Union, and several other countries.
Cyber attacks on Russian websites
Since the beginning of the full-scale war, Ukrainian IT has been attacking the websites of central Russian banks and state institutions. The websites of the Ministry of Defense of Russia, Roskomnadzor, and Rosaviatsia have stopped working. Large and state-owned (propaganda) mass media also stopped working due to hacker attacks.
Recently, Ukrainian military intelligence cyber specialists launched an attack on the Russian Ministry of Defense's server, specifically used for communications. The server was successfully taken down.
Also, the Ukrainian IT army paralyzed the work of the Russian enterprise management system 1C-Rarus.
In addition, it was reported that the Ukrainian IT Army hacked the Russian cloud service Bitrix24, which is used by the largest sponsoring companies of Russia's war against Ukraine, including the Rosneft corporation.
Disruptions in the operation of "Bitrix24" services occurred in several Russian cities, in particular, in Moscow, St. Petersburg, Yekaterinburg, Samara, Ufa, Chelyabinsk, Krasnodar, as well as in the capital of Belarus, Minsk.
In addition, the cyber units of the Main Directorate of Intelligence attacked the Russian tax system and managed to destroy the entire database and its backup copies: from now on, the Russian Federation will not be able to resuscitate its institution fully.
In December, the Ukrainian IT Army made a "New Year's cyber gift to the Russians." Hackers stopped the operation of payment terminals in the Russian Federation.
In January, a Ukrainian hacker group, probably with the support of Ukraine's Security Service, hacked the Moscow Internet provider "M9kom" and "demolished" its servers. As a result, part of the Russian capital was left without the Internet and TV.
Hackers of the Main Directorate of Intelligence destroyed the entire IT infrastructure of the IPL Consulting company, which specialized in implementing information systems in the Russian industry.
