The DTEK group, which owns coal and thermal power plants in various regions of Ukraine, said the purpose of the hack was to “destabilize the technological processes” of its distribution and production companies, to spread propaganda about company activities and “leave Ukrainian consumers without electricity.”
The actual impact of the hack and the computer systems that were hacked are unclear. No outages caused by the incident have been reported. DTEK did not respond to requests for comment.
XakNet had access to data belonging to an organization that was likely hacked by a Russian cyber-espionage group, suggesting a possible link between XakNet and the Russian government, said Alden Wahlstrom, principal analyst at US cybersecurity firm Mandiant, who investigated some of XakNet’s activities. activity.
On its Telegram channel, XakNet mocked and denied the suggestion that it is working with the Russian government.
CNN has requested comment from the Russian Embassy in Washington.
The hacking incident coincided with the Russian bombing this week of a DTEK-owned thermal power plant in Kryvyi Rih in central Ukraine, according to DTEK, whose websites say it employs 56,000 people.
Ukrainian energy suppliers have always been the target of Russian hacking teams since Russia annexed Crimea in 2014. The Ministry of Justice has accused the Russian military intelligence service of carrying out cyberattacks against services electricity utilities in 2015 and 2016 that cut power to parts of Ukraine.