Ukraine’s IT Army is disrupting Russia’s alcohol distribution

Bleeping Computer
By Bill Toulas
May 5, 2022

Hacktivists operating on the side of Ukraine have focused their DDoS attacks on a portal that is considered crucial for the distribution of alcoholic beverages in Russia.

DDoS (distributed denial of service) attacks are collective efforts to overwhelm servers with large volumes of garbage traffic and bogus requests, rendering them unable to serve legitimate visitors.

According to reports from multiple Russian media outlets, several vodka producers and distributors claim inability to access the EGAIS (ЕГАИС) portal as required by government regulations.

As a result, alcohol beverages transportation and distribution to retail points have suffered greatly in the past couple of days, raising the risk of actual shortages on the shelves.

A person working in the field told Vedomosti that “Due to a large-scale failure, factories cannot accept tanks with alcohol, and customers, stores, and distributors, can not receive finished products that have already been delivered to them.”

Yesterday, many factories decided to halt shipments to warehouses completely and subsequently cut their production rate, as they are overflowing with products that remain undelivered and can’t take any more.

Ukraine’s IT Army lists EGAIS

At the time of writing this, the portal of EGAIS remains out of reach, so we can only assume that the DDoS attack is still ongoing.

Bleeping Computer has found the associated websites listed as targets on Ukraine’s IT Army Telegram channel, so there’s a good chance that they are behind these attacks.

The posts on Telegram are meant to help coordinate DDoS activities that are launched independently from isolated actors using tools like the Liberator.

Ukraine’s IT Army is a special type of a cyber-force that enlists volunteers from around the globe, uniting them under the common goal of launching retaliatory cyberattacks against key Russian entities.

The formation of this otherwise illegal task force was announced by Ukraine’s government officials in February 2022 and has remained active on the cyber front line since then.

Attacks on Russian supply chains

This is not the first attack targeting Russia’s internal product supply chains, aiming to cause disruption and potentially even shortages.

Last March, the Moscow-based meat producer, and distributor Miratorg announced news of a cyberattack that encrypted its IT systems, aiming to sabotage its operations.

The point of compromise was another state information system, VetIS, used by companies engaged in the veterinary field.