Large-scale DDoS attack hits Russia's food safety agency, impacting nationwide agricultural product shipments
Learn More
Russia's Federal Service for Veterinary and Phytosanitary Surveillance, known as Rosselkhoznadzor, was hit by a large-scale distributed denial-of-service (DDoS) cyberattack that disrupted critical food safety tracking systems and temporarily paralyzed the shipment of agricultural products across the country.
The organization oversees critical digital infrastructure that tracks the movement and safety certification of agricultural products nationwide.
The DDoS attack targeted the VetIS, Mercury and Saturn systems that track the movement of agricultural products and chemicals. The attack started at at 8:40 a.m. on October 22, and ended by approximately 6:00 p.m. Users primarily complained about the inaccessibility of the Mercury system, an automated platform for tracing products subject to veterinary supervision throughout Russia.
Under Russian law, companies handling meat, milk, eggs, and other animal products must register with Mercury and issue electronic veterinary documents confirming product authenticity and safety. Without these certificates, suppliers cannot legally deliver goods to retailers or processors. One company manager stated that production movement was paralyzed for half of the day, adding that the lack of an emergency procedure allowing shipments without digital paperwork led to financial losses.
According to Russian retail outlet Shopper's, suppliers attempted to negotiate with retail chains for shipments without electronic accompanying documents. Stanislav Bogdanov, chairman of the presidium of the Association of Omnichannel Retail Companies (AKORT), stated that the outage affected several retail chains, and they were setting up the Mercury system for emergency operation to allow for the continuation of regular operations and product registration. Two major dairy producers and a baby food manufacturer reported being unable to ship products for several hours on Wednesday.
The Russian agency stated there was no threat to the integrity or confidentiality of the data processed in the systems, emphasizing that temporary unavailability of Rosselkhoznadzor's information systems may occur depending on the geographic location or connection method.
Russian telecommunications providers Megafon, Rostelecom, and Intelsk are working to mitigate the cyberattack by filtering malicious traffic.
So far no hacker group or individual has claimed responsibility for the attack.
Rosselkhoznadzor denied reports of prolonged disruptions, saying Thursday that the Mercury system was operating "as usual." The agency claims that media reports alleging the outage led to Mercury's shutdown were inaccurate, and that on the day of the attack they successfully processed over 14.5 million veterinary accompanying documents electronically.
