Cyber Incident Victim: EMERCOM of Russia

On or around March 16, 2022, the hacktivist collective Anonymous conducted a cyber operation against the Russian Ministry of Emergencies, defacing its website and displaying anti-government messages. The defacement included the statements "Don’t trust the Russian media – they are lying," "Full information about the war in Ukraine," and "Russia’s default is imminent." This incident formed part of a broader campaign by Anonymous and affiliated groups targeting Russian state entities in response to the invasion of Ukraine. Concurrently, Anonymous claimed to have compromised Rosatom State Nuclear Energy Corporation, exfiltrating gigabytes of sensitive data that subsequently began appearing in public leaks. These actions coincided with other disruptive activities, including attempts to interfere with Russian military communications through the interception and sharing of unencrypted High Frequency and morse code transmissions from battlefield units.

The Ministry of Emergencies website defacement represented one component of a multi-pronged information warfare strategy. Anonymous simultaneously launched psychological operations targeting Russian civilians, establishing a platform to distribute unsolicited emails, SMS messages, and instant communications detailing alleged Russian military atrocities in Ukraine. Technical disruptions extended to physical infrastructure, with the affiliated group GhostSec seizing control of over 100 Russian government and military printers earlier that week. Additional surveillance capabilities were demonstrated through the continued sharing of network camera access across Russia and Belarus. These cumulative actions sought to undermine state narratives, compromise operational security of military units, and erode public confidence in government institutions through coordinated digital sabotage and information dissemination campaigns.