KYIV, UKRAINE – A series of cyberattacks on Tuesday brought down the websites of Ukrainian government offices and major banks, Ukrainian authorities said, the attacks came amid tensions strong tension between Russia and the West about Ukraine.
However, it’s too early to tell if low-level denial-of-service attacks can be a smokescreen for more serious and damaging cyber-frauds.
Escalating fears of a Russian invasion of Ukraine eased slightly when Russia signaled on Tuesday that it might be retreating from the brink, but Western powers demanded proof.
At least 10 Ukrainian websites were inaccessible due to a denial of service attack, including those of the Ministry of Defense, the Ministry of Foreign Affairs, the Ministry of Culture, and two of Ukraine’s largest state banks. In such attacks, websites are blocked by a bunch of junk data packets, making them inaccessible.
Customers at Ukraine’s largest state-owned bank, the state-owned Privatbank and Sberbank, have reported problems with online payments and the bank’s applications.
“There is no threat to depositors’ funds,” the Information Security and Strategic Communications Center of the Ukrainian Information Ministry said in a statement. The deputy minister, Victor Zhora, confirmed the cyber attacks.
The ministry suggested that Russia may be behind Tuesday’s incident, but did not provide details. “It is possible that the aggressor used petty mischief tactics, because his aggressive plans did not work overall,” the statement said.
Oleh Derevianko, a leading private sector expert and founder of cybersecurity firm ISSP, said it remains unclear whether Tuesday’s cyberattacks were limited to a denial of service campaign. or not.
“That is exactly the question we always ask,” he said.
Ukraine has been the subject of a steady diet of Russian aggression in cyberspace since 2014, when Russia annexed the Crimean Peninsula and backed separatist forces in eastern Ukraine.
The attacks follow a cyberattack on January 14 that damaged servers at Ukraine’s State Emergency Service Service and at the Motor Transport Insurance Bureau with a malicious “wiper” disguised as ransomware. The damage proved to be minimal – some cybersecurity experts say it was by design, given the ability of Russian state-backed hackers. A message posted simultaneously on dozens of smeared Ukrainian government websites read: “Fear and expect the worst.”
Serhii Demediuk, No. 2 official at Ukraine’s National Security and Defense Council, called Tuesday’s attack “part of a full-scale Russian campaign to destabilize the situation in Ukraine, to aim to explode our Euro-Atlantic integration and take power.”
Cybersecurity company CrowdStrike said in a blog post.
Ukraine was once a leading test site for cyber-warning. In the winter of 2015 and 2016, attacks on Ukraine’s power grid by Russia’s GRU military intelligence agency temporarily cut power.
Russia’s GRU is also said to be perhaps the most devastating cyberattack ever. Targeting companies doing business in Ukraine in 2017, the NotPetya virus caused more than $10 billion in damage worldwide. This virus, also disguised as ransomware, is a “wipe” virus capable of scanning entire networks.