Ukraine says government websites hit by ‘massive cyberattack’

Ukraine said it was the target of a “massive cyberattack” after around 70 government websites went out of business.

On Friday morning, the targets included the websites of the cabinet minister, ministries of foreign affairs, education, agriculture, emergencies, energy, veterans and environment. The public treasury websites and the electronic public services platform Diia, where vaccination certificates and electronic passports are stored, were also down.

“Ukrainians! All your personal data has been uploaded to the public network,” read a message temporarily posted on the Foreign Ministry website. “All data on your computer is being erased and will not be recoverable. All information about you has become public, fear and expect the worst.

Viktor Zhora, deputy director of Ukraine’s state agency for special communication and information protection, told reporters on Friday that it was “the most powerful attack in four years”. with the removal of around 70 central and regional government websites.

“I want to emphasize that as a result of the attack on the sites, the personal data of Ukrainians was not distorted in any way, important data was not disclosed, the content of the site was not not been damaged and some sites were forced to close,” he said.

“As soon as we ensure that there are no third parties in the system, that there is no malicious code and that we gather all the necessary evidence, the work of these sites will be restored”, has said Zhora.

The incident follows tense negotiations this week between the United States, NATO, Western allies and Russia aimed at dissuading Russian President Vladimir Putin from opting for a deeper invasion of Ukraine. Moscow annexed Ukraine’s Crimean peninsula in 2014.

Ukrainian officials recently warned that cyberattacks and other efforts to destabilize the country would be the prelude to further aggression. Authorities, however, did not blame Friday’s assault.

“As a result of a massive cyberattack, the websites of the Ministry of Foreign Affairs and a number of other government agencies are temporarily unavailable,” the Ukrainian Foreign Ministry said. “Our specialists are already working to restore the functioning of computer systems, and the cyber police have opened an investigation.”

The message left by the hackers, published in Ukrainian, Russian and Polish, added: “This is for your past, your present and your future. For Volyn, for the OUN UPA [Organization of Ukrainian Nationalists/Ukrainian Insurgent Army], for Halychyna, for Polissya and for historical lands.

Comments at the end of the post referred to Ukrainian insurgent fighters during World War II and appeared to chastise Ukraine for ethnic clashes and atrocities. Poland and Ukraine accuse each other of committing atrocities during the period in the region, which the countries have been jostling for centuries.

The hackers’ post also included defaced images of Ukraine’s national symbols, with a line running through the flag, coat of arms and a map of the country.

It was not immediately clear whether the hijackers were Polish or an attempt to incite division between Ukraine and Poland, one of Kiev’s strongest European allies in the face of Russian aggression.

Julianne Smith, the US ambassador to NATO, said the US would wait “to see what we find out today.” She added that evidence of a Russian cyberattack would “certainly” be classified as an example of renewed aggression against Ukraine, which could trigger Western sanctions against Moscow.

“We are watching everything Russia is going to do towards Ukraine,” she said. “We are mindful of some of the efforts to destabilize Ukraine from within. We all understand that there are a range of scenarios that could unfold with regard to what happens between Russia and Ukraine.

Josep Borrell, a senior Brussels diplomat, said the EU’s political and security committee and cyber units will meet to see how to help Kyiv.

“We will mobilize all our resources to help Ukraine deal with this cyberattack. Unfortunately, we knew it could happen,” Borrell was quoted as saying by Reuters at a meeting of EU foreign ministers in Brest, western France. “It’s hard to say [who is behind it]. I can’t blame anyone as I have no proof, but we can imagine.

Ukraine’s state security service SBU said in a statement that “provocative messages were posted on the main page of these sites.”

“The content of the sites has not been modified and the leak of personal data, according to preliminary information, has not taken place,” the SBU added.

Oleksiy Danilov, Ukraine’s national security chief, told the Financial Times late last year that Ukraine had faced “continuous” Russian cyberattacks and other attempts to destabilize the country since Moscow annexed Crimea and orchestrated a separatist proxy war in its eastern regions.

“Domestic destabilization is the immediate objective” of Russia before unleashing a possible deeper military incursion, he said, “first through cyber warfare, unleashing an energy crisis and an information war” .

Copyright The Financial Times Limited 2022

© 2022 Financial Times Ltd.. All rights reserved Not to be redistributed, copied or modified in any way.