The websites of the Ukrainian army, and major banks were taken offline by a series of cyberattacks.
Ukrainian army's websites were hit by a cyberattack
The websites of the Ukrainian army, defense ministry, and major banks were taken offline by a series of cyberattacks on Tuesday, according to Ukrainian authorities, as emotions over the danger of a Russian invasion remained high.
Despite this, there was no indication that the relatively low-level distributed denial-of-service attacks were a ruse for more significant and damaging cybercrime.
The attacks rendered at least ten Ukrainian websites inaccessible, including the military, foreign, and cultural ministries, as well as Ukraine's two major state banks. Websites are bombarded with a deluge of garbage data packets in such attacks, rendering them unavailable.
“We don’t have any information of other disruptive actions that (could) be hidden by this DDoS attack,” Victor Zhora, a senior Ukrainian cyberdefense official, claimed as much. Emergency response teams were attempting to cut off the attackers and restore services, he said.
Customers at Privatbank, Ukraine's largest state-owned bank, and Sberbank, Ukraine's largest state-owned bank, have complained about problems with online payments and the banks' apps.
According to Doug Madory, director of internet analysis at network management firm Kentik Inc., the attackers targeted the hosting provider for Ukraine's army as well as Privatbank.
In a statement, Zhora's organization, the Ukrainian Information Ministry's Center for Strategic Communications and Information Security, stated there was no threat to depositors' funds. According to Zhora, the attack had no effect on Ukraine's military troops' communications.
He stated that it was too early to identify who was behind the attack.
The statement from the ministry hinted at Russian involvement, “It is possible that the aggressor resorted to tactics of petty mischief because his aggressive plans aren’t working overall,” says Ukraine.
Because attackers frequently strive to obscure their trails, attribution in cyberattacks is generally difficult. “We need to analyze logs from IT providers,” says Zhora.
Ukrainians are always concerned, according to Oleh Derevianko, a leading private-sector expert and founder of the ISSP cybersecurity firm, that such "noisy" cyberattacks could be masking something more sinister.
Fears of a Russian invasion of Ukraine lessened significantly Tuesday after Russia provided hints that it might be backing away from the cliff, but Western nations requested confirmation.
Nonetheless, cyber warfare is characteristic of Russian President Vladimir Putin, who likes to throw his foes off guard.
"These attacks are increasing the level of attention and pressure," said Christian Sorensen, the CEO of cybersecurity firm SightGain and a former US Cyber Command employee. "At this point, the goal is to gain negotiating leverage."
Since 2014, when Russia invaded the Crimean Peninsula and backed separatists in eastern Ukraine, Ukraine has been subjected to a constant diet of Russian cyber assault.
On January 14, a cyberattack using a malware "wiper" camouflaged as ransomware destroyed systems at Ukraine's State Emergency Service and the Motor Transport Insurance Bureau. Given the capability of Russian state-backed hackers, several cybersecurity experts believe this was done on purpose. "Be terrified and expect the worst," said a statement placed on dozens of vandalized Ukrainian government websites at the same time.
The strike on Jan. 14 was "part of a full-scale Russian effort geared at disrupting the situation in Ukraine, aimed at blowing our Euro-Atlantic integration and grabbing power," according to Serhii Demediuk, Ukraine's No. 2 official at the National Security and Defense Council.
In a recent blog post, the cybersecurity firm CrowdStrike predicted that such attacks would continue as Putin tries to "degrade" and "delegitimize" trust in Ukrainian institutions.
Attacks on Ukraine's power infrastructure attributed to Russia's GRU military intelligence agency momentarily knocked down electricity in the winters of 2015 and 2016.
The GRU of Russia has also been implicated for the most damaging hack in history. The NotPetya virus, which targeted organizations doing business in Ukraine in 2017, caused more than $10 billion in damage worldwide. The virus was a "wiper" virus that wiped out entire networks. It was also known as ransomware.
Also read: Putin says Russia is ready to discuss confidence-building measures