Hackers Take Down Ukraine's Government Websites.
A cyberattack defaced the Foreign Ministry's website with the slogan "Be scared," a day after Moscow and the West held their latest round of talks aimed at averting a Russian invasion.
On Friday, hackers took down multiple Ukrainian official websites, leaving a message on the Foreign Ministry's website that said, "Be scared and prepare for the worst." It was the latest in a slew of cyberattacks on the country during its standoff with Russia.
Friday's strike was foreboding in nature, coming a day after the apparent breakdown of diplomatic discussions between Russia and the West aimed at averting a Russian invasion of Ukraine. The message was published on the foreign ministry's website in Ukrainian, Russian, and Polish.
"The Ministry of Foreign Affairs' and a number of other government agencies' websites are temporarily unavailable due to a large cyber attack," the ministry stated in a statement.
Diplomats and analysts have been anticipating a cyberattack on Ukraine, but establishing such operations has a reputation for being extremely difficult. Ukraine did not directly accuse Russia of the attack, but pointed out that Russia has a lengthy history of cyberattacks on Ukraine.
The decision to post the message in three languages on the foreign ministry's website appeared to be an attempt to obscure the hackers' origins and motivations and shift blame and suspicion elsewhere.
“Ukrainians! "All of your personal information has been uploaded to the internet," stated the statement. "The computer's whole contents are being destroyed. Your entire profile got public. Be fearful and prepared for the worst." Additionally, it resurrected a number of historical resentments between Poland and Ukraine.
The strike occurred within hours of the conclusion of discussions in Europe this week between Russia, the United States, and NATO to find a diplomatic solution following Russia's massing of tens of thousands of troops along the Ukraine border. Moscow has requested significant security concessions, including a guarantee that Ukraine will not be admitted to NATO.
On Thursday, Russian authorities stated that the discussions had failed to produce results and that they were approaching a "dead end."
Sergei A. Ryabkov, Russia's deputy foreign minister, stated following Thursday's session of negotiations that "the US and its allies are effectively saying 'no' to major sections of these documents," referring to two draft treaties on security problems that Russia submitted to NATO and the US. "This is what we refer to as a dead end or a new approach," Mr. Ryabkov explained.
Ukrainian government websites began collapsing a few hours later, according to the Ukrainian Foreign Ministry, which stated that the incident took place overnight between Thursday and Friday.
By morning, the breach had damaged a significant portion of the government's public-facing digital infrastructure, including Diia, the most extensively used website for interacting with the government online. According to the publication Ukrainska Pravda, the program's smartphone app was still operational. Additionally, Diia plays a role in Ukraine's coronavirus response and vaccination promotion.
The attack damaged the Cabinet of Ministers' website, as well as the websites of the ministries of energy, sports, agriculture, veterans' affairs, and ecology, as well as a number of other government websites. The president's and military ministry's websites remained operational.
The Center for Strategic Communications and Information Security, a Ukrainian government organization created to counter Russian disinformation, published a statement more strongly condemning Russia for the attack than the foreign ministry did earlier in the day.
"We have not seen an attack on a government entity of this magnitude in some time," it stated. "We believe the present attack is connected to Russia's recent inability to reach an agreement on Ukraine's NATO membership."
The statement underlined the continuation of Russian military drills along the Ukrainian border in recent days and suggested that "hacking activities directed at governmental bodies may be part of this psychological attack on Ukrainians."
Untangling the digital strands of such cyberoperations can frequently take days or weeks, which is one of the advantages of their employment in contemporary warfare. Sophisticated cybertools have been discovered in standoffs between Israel and Iran, and the US has accused Russia of using hacking to influence the 2016 US presidential election in favor of Donald J. Trump.
Ukraine has long been considered as a proving ground for Russian online operations, a kind of safe haven for cyberweaponry in a country already embroiled in a real-world shooting conflict with Russian-backed separatists in two eastern provinces. The US government has linked several of the decade's most severe cyberattacks to Russian actions in Ukraine.
Tactics first observed in Ukraine have since spread to other countries. For example, a Russian military spyware strain known as X-Agent or Sofacy, which Ukrainian cyber experts believe was used to hack Ukraine's Central Election Commission during the 2014 presidential election, was later discovered on the server of the Democratic National Committee in the United States following the 2016 election hacking attacks.
Other varieties of malware, such as BlackEnergy, Industroyer, and KillDisk, were used to shut down electrical substations in Ukraine in 2015 and 2016, resulting in blackouts, notably in the capital, Kyiv.
The following year, a cyberattack on Ukrainian businesses and government organizations extended throughout the world, maybe accidentally, in what Wired magazine eventually dubbed "the most catastrophic hack in history." The malware, dubbed NotPetya, was designed to attack a particular type of Ukrainian tax preparation software but appears to have gotten out of hand, according to specialists.
At first glance, the attack appeared to be narrowly focused on the Ukraine-Russia war. It occurred concurrently with the death of a Ukrainian military intelligence officer in a car bombing in Kyiv and the implementation of a European Union policy enabling Ukrainians visa-free travel, an illustration of the type of integration with the West that Russia has resisted.
However, NotPetya quickly spread throughout the world, demonstrating the dangers of collateral harm from military hacks for individuals and businesses whose lives are increasingly conducted online, even if they live outside combat zones. Russian businesses were also harmed when the malware began to propagate in the country.
In 2020, a federal grand jury in Pittsburgh charged six Russian military intelligence personnel for the electrical grid shutdowns and the NotPetya attack, illustrating the costs of releasing military-grade malware onto the open internet.
The indictment named three American companies — a FedEx subsidiary; Heritage Valley Health System, a Pennsylvania-based hospital group; and an unidentified pharmaceutical company — that collectively incurred nearly $1 billion in damages as a result of computers being scrambled by the Russian cyberweapon targeted initially at Ukraine. Globally, the cost is estimated to be far higher.