The attack, which also targeted the UK, US and Swedish embassies in Ukraine, is suspected to have been perpetrated by Russian threat actors amid significant tensions between the two nations.
Ukraine has been hit by a “massive” cyber-attack, forcing more than a dozen government websites offline, it has been reported today.
This attack comes just a day after we were able to report that Ukrainian authorities made a number of arrests including that of an alleged ransomware ringleader.
The websites taken offline include the Ukrainian ministry of foreign affairs and the education ministry. Before going down, a sinister message appeared stating: “Ukrainians! … All information about you has become public. Be afraid and expect worse. It’s your past, present and future.”
The message also reproduced the Ukrainian flag and map crossed out and referenced “historical land.” This appeared in three languages: Ukrainian, Russian and Polish.
The Guardian quoted the Ukrainian foreign ministry’s spokesperson, Oleg Nikolenko, who said: “As a result of a massive cyber-attack, the website of the ministry of foreign affairs and other government agencies are temporarily down.
“Our specialists have already started restoring the work of IT systems, and the cyber-police has opened an investigation.”
Ukraine’s SBU security service said that no personal data was leaked in the attack.
The incident has come amid heightened tensions in the region, with the Kremlin demanding assurances that Ukraine will not join Nato. Russia has deployed 100,000 troops to the border with Ukraine.
The EU’s top diplomat, Josep Borrell, condemned the attacks, stating: “We are going to mobilize all our resources to help Ukraine to tackle this. Sadly, we knew it could happen.”
He added: “I can’t blame anybody as I have no proof. But we can imagine.”
Commenting on the story, Anthony Gilbert, cyber threat intelligence lead at Bridewell Consulting, said: “At the moment it’s unclear how the attack occurred or who is behind it, but given the current situation, it’s highly likely it was politically charged as there appears to be no financial motivation. The attackers probably wanted to give a warning or ignite civil unrest and spread further undercurrents of no confidence in the government.”
Toby Lewis, global head of threat analysis at Darktrace, said it was too early to jump to conclusions about the nature of the attack and its perpetrators. “We should be cautious around labelling this as a ‘sophisticated’ attack. Some cyber-attacks are more successful than others; some are advanced and others less so. A distributed denial of service (DDoS) attack, for example, which is an attempt to bring down websites or networks by overwhelming the webserver with internet traffic, is not particularly sophisticated and relatively easy to mitigate.
“Some of the website defacements, such as those left on the education website and the ministry of foreign affairs, are designed to mimic ‘nationalist/separatist groups’ with claims that the attack was done in the name of the UPA (Ukrainian Separatist Army), which has not existed for over 50 years. Attribution is impossible to do with digital data alone, and it is not unlikely that this is a false flag to divert attention away from the true perpetrators, to stir up unrest or simply impact the credibility of the website owners.”
Russia has previously been blamed for cyber-attacks on Ukraine in recent years. These include attacks in 2015 and 2016 that took out large parts of the country’s power grids.
I've had an avid interest in Computers, Technology and Security since my early teens. 20 years on, and, it's a whole lot more complicated...
I've assisted Governments, Individuals and Organizations throughout the world. Including; US DOJ, NHS UK, GOV UK.
I'll often reblog infosec-related articles that I find interesting. On the RiSec website, You'll also find a variety of write-ups, tutorials and much more!
- Rockstar confirms hack after Grand Theft Auto 6 leak - 19 September 2022
- Uber Data Breach: Ride-hailing Giant Investigating disruptive ‘incident’ - 16 September 2022
- Gitea 1.16.6 Remote Code Execution (RCE) (Metasploit) - 15 September 2022
English
Afrikaans
Albanian
Amharic
Arabic
Armenian
Azerbaijani
Basque
Belarusian
Bengali
Bosnian
Bulgarian
Catalan
Cebuano
Chichewa
Chinese (Simplified)
Chinese (Traditional)
Corsican
Croatian
Czech
Danish
Dutch
Esperanto
Estonian
Filipino
Finnish
French
Frisian
Galician
Georgian
German
Greek
Gujarati
Haitian Creole
Hausa
Hawaiian
Hebrew
Hindi
Hmong
Hungarian
Icelandic
Igbo
Indonesian
Irish
Italian
Japanese
Javanese
Kannada
Kazakh
Khmer
Korean
Kurdish (Kurmanji)
Kyrgyz
Lao
Latin
Latvian
Lithuanian
Luxembourgish
Macedonian
Malagasy
Malay
Malayalam
Maltese
Maori
Marathi
Mongolian
Myanmar (Burmese)
Nepali
Norwegian
Pashto
Persian
Polish
Portuguese
Punjabi
Romanian
Russian
Samoan
Scottish Gaelic
Serbian
Sesotho
Shona
Sindhi
Sinhala
Slovak
Slovenian
Somali
Spanish
Sudanese
Swahili
Swedish
Tajik
Tamil
Telugu
Thai
Turkish
Ukrainian
Urdu
Uzbek
Vietnamese
Welsh
Xhosa
Yiddish
Yoruba
Zulu
1 thought on “Ukrainian Government Websites Forced Offline in “Massive” Cyber-Attack”