iscover
Ukraine has allegedly breached the network of a key Russian warplane manufacturer, claiming to have stolen confidential data.
The Ukraine Ministry of Defence’s Main Intelligence Directorate (GUR) said it launched a cyber attack on the Tupolev division of the United Aircraft Company, a Russian state-owned aerospace and defence company responsible for developing supersonic strategic bombers like the TU-160M White Swan.
An anonymous source told the Kyiv Post that the GUR claimed to have exfiltrated 4.4 gigabytes from Tupolev containing classified information, including the personal data of company personnel, engineer and designer resumes, closed meeting minutes, procurement documents and internal communications which include messages between company management.
“The value of the data obtained is hard to overstate. There is now virtually nothing secret left in Tupolev’s operations as far as Ukrainian intelligence is concerned,” the source said.
“We now have comprehensive information on individuals directly involved in maintaining Russia’s strategic aviation. The effects of this operation will be felt both on the ground and in the skies.”
Alongside the breach, the website of Tupolev was defaced with an image of a giant owl holding a plane, a nod to the GUR whose emblem is an owl wielding a sword.
The Tupolev Tu-160M “White Swan” is a Russian supersonic, variable-sweep wing strategic bomber, and the largest and heaviest combat aircraft in the world. A modernised version of the Soviet-era Tu-160, the Tu-160M, features upgraded avionics, improved engines and enhanced weapon systems, including the capability to carry nuclear and conventional cruise missiles.
Known by NATO as “Blackjack”, the Tu-160M is designed for long-range strike missions and can exceed Mach 2 speeds. It plays a central role in Russia’s strategic bomber fleet and nuclear deterrence posture. Despite its Cold War origins, ongoing modernisation efforts aim to keep the aircraft relevant into the 2030s.
Russia resumed limited production of updated airframes, signalling its continued investment in long-range airpower. The aircraft is often used in power-projection missions, including flights near NATO airspace and remains a symbol of Russia’s long-range strike capability.
While the GUR did not announce when the breach happened, the source told the Kyiv Post that they were in Tupolev’s systems for some time, a claim which is backed up by the website defacement image, showing imagery celebrating Victory Day, which occurs on 9 May to celebrate the anniversary of the end of World War II.
Cyber attacks between Russia and Ukraine have played a major part of the conflict between the two nations.
In March, Ukraine’s state train operator, Ukrzaliznytsia, confirmed a cyber attack, which it said affected its digital services, including the mobile app used for purchasing train tickets.
“Ukrzaliznytsia’s online systems have been subjected to a large-scale targeted cyber attack. The restoration of all systems lasted all day and continues now,” Ukrzaliznytsia said in a statement on Telegram.
“Ukrzaliznytsia specialists are closely cooperating with the cyber department of the Security Service of Ukraine.”
While ticket sales were affected, leading to long queues at stations as passengers attempted to purchase physical tickets, Ukrzaliznytsia confirmed that train schedules and transport operations remained unaffected.
“The enemy failed to do the key thing: train traffic is stable, they run clearly, without delays, and all operational processes of the movement are set up in a back-up format,” Ukrzaliznytsia added.
Just days later, Russia suffered a railway outage suspected to be a revenge attack from Ukraine.
In a statement on 31 March 2025, the Russian Centre for Monitoring and Control of the Public Communication Network (CMU SSOP) said it had received a large number of reports of issues with its application and website.
“On March 31, starting at 06:00, the Public Communication Network Monitoring and Control Center (PCNCNC) recorded a surge in requests about problems with the Moscow Metro application,” said CMU SSOP said.
“As of 12:00, the problem with the application’s availability persists. Specialists are working to resolve the issue.”
Despite efforts to fix the issue, the next day, DownDetector.su showed that users still struggled with the subway’s online services, with the Moscow Metro app not working.
