A cyberattack rendered a number of Ukrainian government websites temporarily unavailable on Friday, officials said.
While it was not immediately clear who was behind it, the disruption came amid heightened tensions with Russia and after talks between Moscow and the West failed to yield any significant progress this week.
Ukrainian Foreign Ministry spokesman Oleg Nikolenko told The Associated Press that it was too early to say who might have been behind the attack, “but there is a long list of Russian cyberattacks against Ukraine in the past”.
Moscow has previously denied any involvement in cyberattacks against Ukraine.
The websites of the country’s cabinet, seven ministries, the Treasury, the National Emergency Service and the website of state services, where electronic passports and vaccination certificates of Ukrainians are stored, were temporarily unavailable on Friday as a result of hacking.
The websites contained a message in Ukrainian, Russian and Polish that Ukrainians’ personal data had been leaked into the public domain.
“Be afraid and expect the worst. This is for your past, your present and your future,” the post read in part.
Ukraine’s State Service for Special Communication and Information Protection said that no personal data had been leaked. The country’s minister for digital transformation, Mykhailo Fedorov, said later Friday that “a large part” of the affected websites had been restored.
70 sites concerned
Victor Zhora, vice president of the State Special Communications Service, said no critical infrastructure was affected. Zhora told a press conference on Friday that around 70 websites of national and regional government bodies were affected by the attack.
The hack was tantamount to simply defacing government websites, said Oleh Derevianko, a private sector expert and founder of cybersecurity firm ISSP. Hackers broke into a content management system they all use.
“They didn’t get access to the websites themselves,” Derevianko said.
Derevianko said the hacker may have gained access to the hacked content management system a long time ago, so the question to consider is the timing of the degradation and the provocative message.
“It could be a simple regular information operation [seeking] to undermine government capacity and create and reinforce uncertainty,” Derevianko added. It could also be “part of a planned hybrid attack or a longer-term, more sophisticated cyber operation that is underway but has not been successful.”
The tension is growing
The main question, Derevianko said, is whether this is a stand-alone hacktivist action or part of a larger state-backed operation.
Tensions between Ukraine and Russia have risen in recent months after Moscow rounded up around 100,000 troops near the Ukrainian border, stoking fears of an invasion. Moscow says it has no intention of attacking and rejects Washington’s request to withdraw its forces, saying it has the right to deploy them wherever needed.
The Kremlin demanded security guarantees from the West that NATO would not expand eastward.
Last month, Moscow submitted draft security documents demanding that NATO refuse membership to Ukraine and other former Soviet countries and cancel the alliance’s military deployments in central and eastern Europe. Washington and its allies declined to provide such promises, but said they were ready for talks.
No progress in talks
High-stakes talks this week between Moscow and the United States, followed by a meeting of Russian and NATO representatives and a meeting at the Organization for Security and Cooperation in Europe, will not did not make it possible to move forward immediately.
NATO Secretary General Jens Stoltenberg said Friday that the 30-nation military organization will continue to provide “strong political and practical support” to Ukraine in light of the cyberattacks.
“In the coming days, NATO and Ukraine will sign an agreement on enhanced cybersecurity cooperation, including Ukraine’s access to the NATO Malware Information Sharing Platform. ‘NATO,” Stoltenberg said in a statement.
European Union foreign policy chief Josep Borrell said on Friday that the 27-nation bloc was ready to mobilize all its resources to provide technical assistance to Ukraine and help it improve its ability to do against cyberattacks.
Borrell told a meeting of EU foreign ministers in the French port city of Brest that the bloc would mobilize its rapid response teams online. Borrell added that he would ask member countries to allow Ukraine to benefit from anti-cyberattack resources under the EU’s permanent structured cooperation (PESCO), even if the country is not a member of the EU. ‘union.
“We will mobilize all our resources to help Ukraine deal with these cyberattacks,” Borrell said. “Unfortunately, we expected this to happen.”
Asked who might be behind the attack, Borrell replied: “I can’t point anyone out because I don’t have any evidence, but one can imagine.”