Cyber Incident Victim: Platon
Date:
Mar 2025
Location:
Russia
Summary
A cyberattack disrupted the Platon servicefor truck drivers in Russia, causing the website and personal accounts to become inaccessible and preventing the issuance of route sheets, which left many trucks stranded. The attack targeted the service's connectivity provider, leading to widespread user complaints and over a thousand reports on down detector. The service is a Russian state system for toll collection on trucks exceeding twelve tons, with its revenues funding federal road maintenance that supports the occupying army's operations in Ukraine.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 2 motives | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
OnMarch 27 2025 the Russian state toll‑collection system “Platon” experienced a disruption that its operators later described as a massive cyberattack on its communications provider. According to Platon’s own social‑media posts made on Friday March 28, the attack had been underway for the second consecutive day, with the company stating that a “massive attack is being carried out on the communications provider” and that this was causing disruptions in access to its resources for some users. The incident was first reported by sources from OBOZ.UA, who said the service was knocked out as a result of a large‑scale hacker operation that began the previous day. Platon’s announcement emphasized that the outage was not due to internal technical failure but to external interference targeting its network connectivity. No further technical details about the attack vector or the perpetrators were disclosed in the statements released by the service.
The effects of the outage were felt across the entire Russian Federation, as drivers reported that both the Platon website and their personal accounts were inaccessible from the morning of March 27. Because the system could not generate route sheets, trucks carrying loads over twelve tons were forced to stop, leading to widespread complaints from the trucking community. Monitoring platform Down Detector recorded more than one thousand user complaints about the service’s malfunction during the period of the attack. The disruption affected the core function of Platon, which is to collect fees from heavy vehicles for the maintenance of federal roads and road infrastructure. The inability to process payments and issue documentation directly impeded the logistics of freight transport throughout the country.
In response to the incident, Platon used its social‑media channels to inform users that the outage stemmed from a cyberattack on its communications provider and to acknowledge the ongoing difficulties. The service did not describe any specific containment or remediation steps taken beyond issuing the public statement. Separately, OBOZ.UA reported that Ukrainian hackers had previously exposed and blocked a channel used to supply sanctioned military equipment from Europe to Russia via India, involving the Indian firm Park Controls&Communications and the Russian military‑industrial complex; this information was presented in the same article but is not linked by the source to the Platon attack. The narrative concludes with the fact that, as of the article’s publication date, Platon’s service remained impaired and the company continued to communicate the status of the attack through its online platforms.