Hackers Publish Russian Ministry of Culture Email Archive
On April 14, 2022, hackers released a massive archive of government email correspondence, including over 700 GB of data, on the Distributed Denial of Secrets (DDoSecrets) website. The archive contains 230,000 emails from Russia’s Ministry of Culture, another 230,000 from the Blagoveshchensk city administration, and 130,000 from the office of the Governor of Tver Region, according to a report by Kommersant.
Cybernews believes the leak resulted from a cyberattack by the hacker group Anonymous. A cybersecurity industry source confirmed that the archive contains genuine government emails.
A Kommersant correspondent reviewed one of the archives and verified that it includes emails sent from the Ministry of Culture. These messages contain information about salaries, dismissals, discussions about defects in cultural heritage sites, and internal correspondence among employees of Rosgosexpertiza, a federal agency overseen by the Ministry of Culture.
The Ministry of Culture confirmed that they detected a hacker attack on Rosgosexpertiza’s email system. Specialists are currently working to eliminate the consequences of the breach and strengthen the security of their information systems. The ministry’s electronic document management system continues to operate as usual.
The administrations of Blagoveshchensk and Tver Region did not respond to requests for comment. A cybersecurity market source suggested the leak occurred due to a vulnerability in the mail server.
Ivan Melekhin, director of the IZ:SOC cyberattack monitoring center at Informzashita, explained that servers are often accessible from the internet and have enough vulnerabilities to be exploited. Another source noted that the breach of government email systems indicates a disregard for vulnerability management policies within these agencies.
Experts say that analyzing the contents of all the emails is a “non-trivial task.” The messages may contain information about budgets, projects, and the terms of competitions and tenders, but are unlikely to include data that would directly harm the state. Theoretically, the data leak could lead to a review of budgets and competition terms. Experts also noted that the main goal of the attack was to damage the government’s reputation.