UK Dismantles Russian Cybercrime Networks

• New sanctions target the Media Land cybercrime syndicate responsible for facilitating cyber-attacks on UK-based companies.

• Foreign Secretary announces latest crack down on illicit cyber activity globally, as cyber-attacks cost the UK economy £14.7 billion in 2024.

• Today's coordinated action with Australia and the United States demonstrates the UK's ongoing commitment to tackling malicious Russian cyber activity.

Illicit Russian networks enabling cyber-attacks round the world are today exposed and sanctioned by the UK, in latest crack down on malicious Russian cybercrime.

Today's action targets Media Land, one of the most significant operators of so-called "bulletproof" hosting services, which provides online infrastructure that enables cyber criminals to engage in illegal activity, including ransomware and phishing attacks.

These shadowy online networks allow cyber criminals and malicious actors to think they can act with impunity and destroy livelihoods - today's action, taken alongside our allies in Australia and the United States and in collaboration with the UK's National Crime Agency, proves otherwise.

Cyber criminals hiding behind Media Land's services are responsible for ransomware attacks against the UK's critical national infrastructure including those in the telecommunications sector, as well as malware and phishing campaigns targeting UK taxpayers.

Defending Europe from malicious Russian cyber and hybrid activity is a shared priority for the UK and Germany, with Foreign Secretary Yvette Cooper set to meet her German counterpart Johann Wadephul.

Foreign Secretary, Yvette Cooper, said:

Cyber criminals think that they can act in the shadows, targeting hard working British people and ruining livelihoods with impunity.

But they are mistaken - together with our allies, we are exposing their dark networks and going after those responsible.

Today's measures will also directly target Media Land's ringleader Alexander Volosovik, AKA Yalishanda, who has been active in the cyber underground since at least 2010, and is known to have worked with some of the most notorious cyber criminal groups, including Evil Corp, LockBit and Black Basta.

Ransomware attacks like those facilitated by Media Land significantly undermine the national security of the UK and our allies and directly harm British businesses. Cyber-attacks are estimated to have cost British businesses £14.7bn in 2024, accounting for 0.5% of GDP and growing every year.

The harm caused by 'bulletproof' hosting services like Media Land extends beyond enabling cyber-attacks against businesses, with their services providing cover for those carrying out a wide range of malicious activity. Aeza Group LLC, also sanctioned today, has provided 'bulletproof' services to support the work of the Social Design Agency - a Russian disinformation agency sanctioned by the UK in 2024 for its attempts to destabilise Ukraine and undermine democracies around the world. This action demonstrates our continued commitment to crack down on organisations that enable the Kremlin's information war.

Alongside our allies, the UK is rooting out these criminal cyber gangs and going after their ringleaders - promoting growth by safeguarding British businesses, fundamental to this government's Plan for Change.

Putin has turned Russia into a safe haven for these malicious cyber criminals, cultivating a dark criminal ecosystem with deep ties to the Kremlin. Through today's action and repeatedly targeting malicious actors like LockBit and Evil Corp, the UK is disrupting these underground networks. If Russia isn't going to clean up its act and go after these criminals, then the UK and our allies will.

Background

• Please see press releases on the UK's sanctions against the Social Design Agency , ZSERVERS , LockBit and Evil Corp for more detail.

• Today, the National Cyber Security Centre and its international counterparts have issued new advice to help defend against potential malicious cyber activities enabled by bulletproof hosting providers,