- Updated
- World
- Europe
- Cyber warfare
This was published 2 years ago
Massive cyber attack hits Ukraine government websites
Kyiv: Ukraine was hit by a cyberattack splashing a warning across government websites to “be afraid and expect the worst” while the US believes Russia is creating a pretext for its troops to further invade the eastern part of the country.
While it wasn’t immediately clear who was behind the cyberattack, the disruption came amid heightened tensions with Russia and after talks between Moscow and the West failed to yield any significant progress this week.
Ukrainian Foreign Ministry spokesman Oleg Nikolenko told The Associated Press it was too soon to tell who could have been behind the attack, “but there is a long record of Russian cyber assaults against Ukraine in the past.”
Moscow had previously denied involvement in cyberattacks against Ukraine.
US intelligence officials, meanwhile, have determined a Russian effort is underway to create a pretext for its troops to further invade Ukraine, and Moscow has already prepositioned operatives to conduct “a false-flag operation” in eastern Ukraine, according to the White House.
White House press secretary Jen Psaki said on Friday the intelligence findings show Russia is also laying the groundwork through a social media disinformation campaign that frames Ukraine as an aggressor that has been preparing an imminent attack against Russian-backed forces in eastern Ukraine.
Psaki charged that Russia has already dispatched operatives trained in urban warfare who could use explosives to carry out acts of sabotage against Russia’s own proxy forces — blaming the acts on Ukraine — if Russian President Vladimir Putin decides he wants to move forward with an invasion.
“We are concerned that the Russian government is preparing for an invasion in Ukraine that may result in widespread human rights violations and war crimes should diplomacy fail to meet their objectives,” Psaki said.
Pentagon spokesman John Kirby described the intelligence as “very credible.” A US official, who was not authorised to comment on the intelligence and spoke on condition of anonymity, said much of it was gleaned from intercepted communications and observations of the movements of people.
The US intelligence findings, which were declassified and shared with U.S. allies before being made public, estimate that a military invasion could begin between mid-January and mid-February.
Ukraine is also monitoring the potential use of disinformation by Russia. Separately, Ukrainian media on Friday reported that authorities believed Russian special services were planning a possible false flag incident to provoke additional conflict.
The new U.S. intelligence was unveiled after a series of talks between Russia and the US and its Western allies this week in Europe aimed at heading off the escalating crisis made little progress.
The use of false-flag attacks and disinformation is similar to what the Kremlin did in the lead-up to Russia’s 2014 annexation of Crimea, the Black Sea peninsula that had been under Ukraine’s jurisdiction since 1954.
Russia has long been accused of using disinformation as a tactic against adversaries in conjunction with military operations and cyberattacks. In 2014, Russian state media tried to discredit pro-Western protests in Kyiv as “fomented by the US in cooperation with fascist Ukrainian nationalists” and promoted narratives about Crimea’s historical ties to Moscow, according to a report by Stanford University’s Internet Observatory.
Kremlin spokesperson Dmitry Peskov on Friday dismissed Western media reports that said Moscow was preparing a provocation in eastern Ukraine as based on “unfounded” information, TASS news agency reported.
As a result of the cyberattack, the websites of the Ukraine’s Cabinet, seven ministries, the Treasury, the National Emergency Service and the state services website, where Ukrainians’ electronic passports and vaccination certificates are stored, were temporarily unavailable on Friday.
The websites contained a message in Ukrainian, Russian and Polish, saying that Ukrainians’ personal data has been leaked into the public domain. “Be afraid and expect the worst. This is for your past, present and future,” the message read, in part.
Ukraine’s State Service of Special Communication and Information Protection said that no personal data has been leaked. The country’s minister for digital transformation, Mykhailo Fedorov, said later on Friday that “a large part” of the affected websites have been restored.
Victor Zhora, deputy chair of the State Service of Special Communication, said no critical infrastructure was affected. Zhora told a news conference on Friday that about 70 websites of both national and regional government bodies have been affected by the attack.
Tensions between Ukraine and Russia have been running high in recent months after Moscow amassed an estimated 100,000 troops near Ukraine’s border, stoking fears of an invasion. Moscow says it has no plans to attack and rejects Washington’s demand to pull back its forces, saying it has the right to deploy them wherever necessary.
The Kremlin has demanded security guarantees from the West that NATO deny membership to Ukraine and other former Soviet countries and roll back the alliance’s military deployments in Central and Eastern Europe. Washington and its allies have refused to provide such pledges, but said they are ready for the talks.
The US government has held talks with several international energy companies on contingency plans for supplying natural gas to Europe if conflict between Russia and Ukraine disrupts Russian supplies, two US officials and two industry sources told Reuters.
Russia said it dismantled ransomware crime group REvil at the request of the United States in an operation in which it detained and charged the group’s members, the FSB domestic intelligence service said on Friday.
The arrests were a rare apparent demonstration of US-Russian collaboration at a time of high tensions between the two over Ukraine.
The United States welcomed the arrests, according to a senior admininstration official, adding “we understand that one of the individuals who was arrested today was responsible for attack against Colonial Pipeline last spring.”
High-stakes talks this week between Moscow and the US, followed by a meeting of Russia and NATO representatives and a meeting at the Organisation for Security and Cooperation in Europe, failed to bring about any immediate progress.
NATO Secretary-General Jens Stoltenberg said on Friday that the 30-country military organisation will continue to provide “strong political and practical support” to Ukraine in light of the cyber attacks.
“In the coming days, NATO and Ukraine will sign an agreement on enhanced cyber cooperation, including Ukrainian access to NATO’s malware information sharing platform,” Stoltenberg said in a statement.
European Union foreign policy chief Josep Borrell said on Friday that the 27-nation bloc is ready to mobilise all its resources to provide technical assistance to Ukraine and help it improve its capacity to weather cyberattacks.
Russia has long history of launching aggressive cyber operations against Ukraine, including a hack of its voting system ahead of 2014 national elections and an assault the country’s power grid in 2015 and 2016. In 2017, Russia unleashed one of most damaging cyberattacks on record with the NotPetya virus that targeted Ukrainian businesses and caused more than $10 billion in damage globally.
Zhora has told the AP that officials are particularly concerned about Russian attacks on the power grid, rail network and central bank.
AP, Reuters