Ukraine's Main Directorate of Intelligence, or HUR, has admitted to compromising Russian federal digital signature certification organization Osnovanie in a cyberattack last week, according to The Record, a news site by cybersecurity firm Recorded Future.
Such an intrusion, which has been conducted alongside Ukrainian hacking group BO Team, resulted not only in the defacement of Osnovanie's website but also the destruction of sensitive server-stored data and a database with 1.5 million electronic digital signatures, said the HUR.
However, Osnovanie refuted the HUR's claims, stating that only its websites' had been impacted by the incident, which was unlikely to have hit its cryptographic keys stored outside its networks. "Private keys are stored by users individually on certified storage devices, and only the key and certificate owner has physical access to these devices," said Osnovanie, whose commercial director Alexey Senchenkov noted the attack to have originated from U.S.-, Estonia-, and Netherlands-based servers.
