KIEV, Ukraine – Hackers shut down several Ukrainian government websites on Friday, posting a message on the foreign ministry’s website saying, “Be afraid and expect the worst.” This was the latest in a long line of cyber attacks targeting the country amid its conflict with Russia.
Friday’s attack was ominous for its timing, coming a day after the apparent breakdown in diplomatic talks between Russia and the West aimed at thwarting Russia’s threatening invasion of Ukraine. The letter appeared in Ukrainian, Russian and Polish on the website of the Ministry of Foreign Affairs.
“As a result of a massive cyber attack, the websites of the State Department and a number of other government agencies were temporarily down,” the ministry said in a statement. statment.
Diplomats and analysts had been expecting a cyber attack on Ukraine, but proving such actions is extremely difficult. Ukraine did not directly blame Russia for the attack, but it clearly indicated that there is a long record of Russian online attacks against Ukraine.
The move to post the message on the State Department’s website in three languages appears to be an attempt to obfuscate the origins and motives of the hackers, and shift blame and suspicion elsewhere.
“Ukrainians! All your personal data has been uploaded to the Internet.” All data on your computer is destroyed. All information about you is public. Fear and expect the worst.” He also raised a number of historical grievances between Poland and Ukraine.
The attack came within hours of the conclusion of talks this week between Russia, the United States and NATO in Europe aimed at finding a diplomatic solution after Russia massed tens of thousands of troops near the border with Ukraine. Moscow has demanded sweeping security concessions, including a pledge not to accept Ukraine’s entry into NATO.
On Thursday, Russian officials said the talks had yielded no results, and a senior diplomat said they were close to a “stalemate”.
“The United States and its allies are actually saying ‘no’ to the main elements of these texts,” Russian Deputy Foreign Minister Sergei Ryabkov said after the latest round of talks on Thursday, referring to two draft treaties on security issues. That Russia proposed to NATO and the United States. “This is what we call a dead end or a different approach,” Ryabkov said.
Ukrainian government websites began to crash after a few hours, according to the Ukrainian Foreign Ministry, which said the cyber attack took place on Thursday night (Friday).
By morning, the hack had paralyzed much of the public-facing government digital infrastructure, including the site most used to engage with online government services, Diia. Ukrainska Pravda reports that the smartphone app version of the software is still working. Diia also plays a role in the response to the coronavirus in Ukraine and in promoting vaccination.
The attack hit the websites of the Cabinet and the Ministries of Energy, Sports, Agriculture, Veterans Affairs and the Environment, along with many other government websites. The websites of the President and the Department of Defense remained on the Internet.
Oftentimes, decoding the digital threads of such electronic operations can take days or weeks, which is one of the appeals for their use in modern conflicts. Sophisticated cyber gadgets have appeared in the confrontations between Israel and Iran, and the United States has blamed Russia for its use of hacking to influence the 2016 elections in the United States in favor of Donald J. Trump.
Ukraine has long been seen as a testing ground for Russian cyber operations, a kind of free-fire zone for cyber weapons in a country already embroiled in a real war with Russian-backed separatists in two eastern provinces. The US government has traced some of the most dangerous cyberattacks of the past decade to Russian actions in Ukraine.
Understand Russia’s relationship with the West
Tensions are rising between the two regions, and Russian President Vladimir Putin is increasingly willing to take geopolitical risks and assert his demands.
Tactics first seen in Ukraine later appeared elsewhere. A strain of Russian military spyware called X-Agent or Sofacy that was used to hack the Ukrainian Central Election Commission during the 2014 presidential election, for example, was later found in the Democratic National Committee server in the United States after the 2016 election hacking attacks.
Other types of malware such as BlackEnergy, Industroyer and KillDisk, aimed at sabotaging computers used to control industrial processes, shut down electrical substations in Ukraine in 2015 and 2016, causing blackouts, including in the capital, Kiev.
The following year, a cyberattack targeted Ukrainian companies and government agencies, which, perhaps inadvertently, spread around the world in what Wired magazine later described as “the most destructive cyberattack in history.” The malware, known as NotPetya, targeted a type of Ukrainian tax preparation program, but it appears to have gotten out of hand, according to experts.
The attack initially appeared narrowly focused on the conflict between Ukraine and Russia. This coincided with the assassination of a Ukrainian military intelligence officer in a car bombing in Kiev and the start of an EU policy giving Ukrainians visa-free travel, an example of the kind of integration with the West that Russia opposed.
But NotPetya has spread around the world, with devastating results, illustrating the risks of collateral damage from military cyberattacks for people and companies whose lives are increasingly taking place online, even if they live far from conflict zones. Russian companies also suffered when malware began to spread in Russia.
A 2020 United States grand jury in Pittsburgh indicted six Russian military intelligence officers for shutting down the electrical grid and attacking NotPetya, in a court filing showing the costs of launching military-grade malware on the open internet.
The indictment cited three US companies – a FedEx subsidiary; Heritage Valley Health System, a Pennsylvania-based hospital group; and an unidentified pharmaceutical company — collectively suffering nearly $1 billion in damages from computers defended by a Russian cyberweapon initially directed at Ukraine. The global total cost is believed to be much higher
Maria Varnikova contributed to the report.
firstname.lastname@example.org. The content will be deleted within 24 hours.