On December 11, Grigory Sverdlin, a prominent anti-war advocate, reported concerning news via Telegram about a cyber breach. An unidentified hacker collective claimed responsibility for infiltrating the systems of Mikord, a key player in managing Russia’s military draft database. According to Sverdlin, the hackers provided his organization, Get Lost, with a substantial cache of sensitive data. He revealed, “They had access for several months and handed over a vast collection of documents from the register.” This trove of information is expected to fuel an upcoming investigative report by iStories, shedding light on the implications of this breach.
Sverdlin elaborated that the hackers inflicted significant damage on the operational capabilities of Russia’s digital draft framework, claiming, “For several more months, this giant system, housing 30 million records, will be unable to send individuals off to combat.” To delve deeper into the repercussions of this cyberattack for potential draftees and those seeking to evade conscription, Meduza engaged in a conversation with Sverdlin.
Understanding the Unified Military Register
The Unified Military Register is a comprehensive digital platform that consolidates data from various governmental sources regarding Russian citizens. Managed by the Defense Ministry, this system is designed to streamline the issuance of draft notices and facilitate information sharing with other governmental bodies, such as the Federal Security Service (FSB) and the Interior Ministry.
The process of summons delivery
Once a draft notice is dispatched—either electronically or via registered mail—the recipient faces mandatory reporting to a military enlistment office. Failure to comply with this summons results in automatic travel restrictions, prohibiting individuals from leaving the country until they respond. Furthermore, those deemed draft dodgers encounter additional legal penalties, which may include the revocation of their ability to obtain loans, register property, or even hold a driver’s license.
Consequences of the cyber breach
Despite the intended functionality of the system, Sverdlin asserts that the recent cyberattack has rendered the Unified Military Register largely non-operational. “It will take at least several months before the system is fully functional again,” he stated, referring to the attack on Mikord. He attributed this assessment to the evaluations conducted by the IT experts at Get Lost.
According to Sverdlin, the hackers executed a thorough assault, erasing critical source code and documentation. “The damage is profound, and the developers will need considerable time to recover,” he emphasized. Although there were backup systems in place, those too have been compromised, leading to a lengthy recovery period.
Current state of the draft system
As of December 10, the entire military draft system was offline for five consecutive days, with its website temporarily inoperable. Sverdlin indicated that while the basic functionalities of the register have resumed, the automated processes for imposing bans on travel and loans are currently ineffective. “Restrictions can still be applied manually, but the system’s automated responses are down,” he noted.
This disruption is particularly concerning in light of the Unified Military Register’s recent launch, which was initiated under legislation passed in April. The database at the time of the hack was vast, featuring over 30 million records, each containing approximately 100 data fields. When asked about the possibility of mobilization amidst these challenges, Sverdlin refrained from providing specifics, suggesting that further insights would emerge from the forthcoming iStories investigation. “What I can say is that the necessary functionalities for mobilization will not be operational in the near future,” he stated.
Increased demand for assistance
In the wake of the digital draft system’s launch in July, Get Lost has experienced a significant uptick in requests for assistance, with inquiries exceeding 100 per day. “The surge is primarily due to individuals’ concerns regarding their data being incorporated into the register,” Sverdlin explained. As notices began arriving in July and August, many recipients were alarmed by the prospect of being drafted.
While Sverdlin did not disclose the timeline for the publication of the iStories investigation, he assured that the extensive data acquired from Mikord would soon be accessible to the public. This data will include details about the individuals and companies involved in the development of the Unified Military Register. “We’re aware of those profiting from this initiative, and we aim to make that information available for public scrutiny,” he concluded, emphasizing that there is much to explore within this data.
