A large-scale distributed denial-of-service (DDoS) attack targeted Russia’s Federal Service for Veterinary and Phytosanitary Surveillance (Rosselkhoznadzor), severely disrupting the agency’s critical information systems, including VetIS and Saturn. The attack rendered the Mercury platform, which is essential for issuing electronic veterinary certificates, temporarily unavailable, halting the movement of agricultural products and chemicals across the country. Major dairy and baby food producers reported hours-long delays, as they were unable to obtain the mandatory documentation required for legal shipment of meat, milk, and other animal products. The agency confirmed that there was no compromise of data integrity or confidentiality, and mitigation efforts were underway with support from major Russian telecom providers.
The disruption led to significant financial losses for suppliers and forced some to negotiate with retail chains for emergency shipment procedures. While Rosselkhoznadzor stated that the Mercury system was operating normally by the following day, the incident highlighted the vulnerability of Russia’s food supply chain to cyberattacks. No hacker group has claimed responsibility for the attack, and this marks at least the fourth such incident targeting the Mercury system in 2025. The agency and affected companies are reviewing emergency protocols to prevent future disruptions of this scale.

Mallory correlates global threat intelligence with your attack surface — know if you’re exposed before adversaries strike.
2 events from the most recent confirmed update back to the earliest known activity.
Following the attack on Rosselkhoznadzor, product shipment processing was disrupted, leading to delays and reported halts affecting food shipments across Russia.
Russia's food safety agency, Rosselkhoznadzor, was reportedly targeted in a distributed denial-of-service attack that disrupted its systems and operations.
3 references tracked. Mallory keeps watching after this page renders.
scworld.com
Open sourcesecurityaffairs.com
Open sourcetherecord.media
Open sourceMap indicators from this story to your assets and identify affected systems in minutes.
Every observed campaign, victim, and pivot linked to actors named in this story.
Malware, exploits, and IOCs connected to the activity described here.
YARA, Sigma, and Snort rules deployed to your SIEM as soon as they’re published.
Get matching new stories delivered to your team as they break — not the next morning.
Ask questions about this story and take action on the answers.