Ukraine’s Ministry of Defense and Armed Forces websites and online services of two state-owned banks were disrupted by suspected cyberattacks on Tuesday, government and bank officials have said.
The country’s defense ministry said in an English-language
post that its web portal suffered a likely distributed denial of service attack, in which hackers flooded the website with traffic to overload its systems and take it offline.
“Scheduled technical work is currently under way on the restoration of the regular functioning of the web portal of the Ministry of Defense of Ukraine,” the ministry said, adding it would share updates through social media.
DDoS incidents also disrupted web services of the Armed Forces of Ukraine and PrivatBank and Oschadbank, the country’s largest lenders, according to the State Service of Special Communication and Information Protection of Ukraine. It said in a statement that a working group of Ukrainian cyber experts “is taking all necessary measures to resist and localize the cyberattack.”
Security experts have warned in recent weeks of cyberattacks targeting Ukrainian infrastructure as Russian troops mass on the country’s border in what Western officials fear is a prelude to an invasion. U.S. and European officials also fear that the effects of more destructive hacking campaigns, such as attacks aimed at disabling computer networks or corrupting sensitive data, could ripple across borders.
Photo:
Serhii Anishchenko/Zuma Press
Victor Zhora, chief digital transformation officer at the State Service of Special Communication and Information Protection of Ukraine, said it is too early to attribute Tuesday’s incidents to a particular hacker or group. He also said “the attack continues.”
The incident at PrivatBank spanned several hours, leaving services including automated teller machines down for an hour, a spokesman said. While the bank restored its services, it still faces “instability” on its Privat24 mobile app and is working to secure its operations, the spokesman said.
Representatives for Oschadbank, the other lender mentioned by Ukrainian officials, didn’t immediately respond to a request for comment.
The White House is aware of the reports and has “reached out to Ukrainian counterparts to offer support in the investigation and response to these incidents,” a National Security Council spokeswoman said. She declined to comment further.
It is possible such attacks could be carried out by Russian-linked hackers or opportunistic cybercriminals, said Kostiantyn Korsun, co-founder of the Ukrainian cyber firm Berezha Security Group. In the past, he said, suspected Kremlin-linked cyberattacks have attempted to sow confusion as part of hybrid warfare against Ukrainians in the eastern part of the country.
Last month, hackers defaced the websites of dozens of Ukrainian government agencies, while at least two agencies also discovered a potentially more destructive “wiper” malware intended to render computer systems inoperable. The Kremlin denied involvement in the incidents.
A disruption of government services can be “very effective because it’s visible for millions of people at the same moment,” Mr. Korsun said.
Officials in the U.S., U.K., Canada and elsewhere in recent weeks have warned that cyberattacks linked to a Russian invasion of Ukraine could spread across international computer networks and disrupt infrastructure.
Last week, the U.S. Cybersecurity and Infrastructure Security Agency issued a “Shields Up” alert urging companies to update their systems, impose multifactor authentication and more aggressively monitor for unusual activity. Some U.S. companies have been taking such actions even if they don’t do business in Ukraine.
“While there are not currently any specific credible threats to the U.S. homeland, we are mindful of the potential for the Russian government to consider escalating its destabilizing actions in ways that may impact others outside of Ukraine,” CISA said.
U.S. and European companies should observe and learn from Tuesday’s attacks and assume they are state-backed, said Christian Sorenson, a former cyberwarfare officer at U.S. Cyber Command who now runs security company SightGain Inc.
“Look at the techniques that they are using, test those techniques against your infrastructure and make sure that you’re blocking, detecting and responding to them, before they’re used against you,” he said.
Some U.S. banks have been running through contingency plans to prepare for Russia-linked incidents, said Tim Eades, chief executive of vArmour, a cybersecurity company advising companies that include financial services firms.
The financial sector must comply with tighter security standards than other sectors but “there’s obviously weaknesses in all things in life,” Mr. Eades said.
—James Rundle, Catherine Stupp and Nicolle Liu contributed to this article.
Write to David Uberti at david.uberti@wsj.com
Copyright ©2022 Dow Jones & Company, Inc. All Rights Reserved. 87990cbe856818d5eddac44c7b1cdeb8
24World Media does not take any responsibility of the information you see on this page. The content this page contains is from independent third-party content provider. If you have any concerns regarding the content, please free to write us here: contact@24worldmedia.com
Common Mistakes When Using Athletic Field Tarps
High-Performance Diesel Truck Upgrades You Should Consider
Warehouse Optimization Tips To Improve Performance
Fire Hazards in Daily Life: The Most Common Ignition Sources
Yellowstone’s Wolves: A Debate Over Their Role in the Park’s Ecosystem
Earth Day 2024: A Look at 3 Places Adapting Quickly to Fight Climate Change
Millions of Girls in Africa Will Miss HPV Shots After Merck Production Problem
This Lava Tube in Saudi Arabia Has Been a Human Refuge for 7,000 Years
Four Wild Ways to Save the Koala (That Just Might Work)
National Academy Asks Court to Strip Sackler Name From Endowment
Ways Industrial Copper Helps Energy Production
The Ins and Out of Industrial Conveyor Belts
