Ukrainian government websites hit by cyberattack


The websites of several ministries were affected, including the Ministry of Foreign Affairs and the Ministry of Education and Science. A message posted on the Foreign Ministry’s homepage in Ukrainian, Russian and Polish suggested that users’ data had been compromised and uploaded online, although the hackers did not provide evidence that private information had been taken. been consulted.

A military buildup along the Ukrainian border further strains ties between Russia and the United States, after clashes over cybercrime, expulsions of diplomats and a migrant crisis in Belarus. The WSJ explains what is deepening the rift between Washington and Moscow. Photo Composite/Video: Michelle Inez Simon

“Be afraid and expect the worst,” the message read. The Ukrainian government‘s computer emergency response team said in an online alert that its preliminary analysis indicated that no personal data had been leaked.

A group of Ukrainian government experts said Russia was likely behind the attack, given the timing and content of the message.

“The hacking of Ukrainian government bodies may be part of a psychological attack on Ukrainians,” experts from the Ministry of Culture and Information Policy said in a statement posted on their website.

The Russian Embassy in Washington did not immediately respond to a request for comment. Russia has in the past denied accusations by Kiev and its Western backers of launching cyberattacks in Ukraine.

The hack comes as Russia has rounded up tens of thousands of troops around Ukraine and demanded that the North Atlantic Treaty Organization give a binding guarantee never to grant the former republic membership Soviet. Moscow this week began moving tanks, infantry fighting vehicles, rocket launchers and other military equipment west from bases in the Far East, The Wall Street Journal reported.

The United States and its allies held talks with Russia this week to try to reduce tensions, but they did not yield a breakthrough.

A White House National Security Council spokeswoman said the United States and its partners were concerned about the attack and that President Biden had been notified.

“We have no attribution at this time,” the spokeswoman said. “While we continue to assess the impact with Ukrainians, it appears limited so far with the websites coming back online.”

US officials have said privately for weeks that if Russia decides to invade Ukraine, cyberattacks on its neighbor would likely be among the first signs of aggression. Officials have also warned some U.S. businesses, including the financial sector, that Russia could retaliate against them if the Biden administration seeks to punish Moscow for an invasion.

NATO has warned Russia against using disinformation and cyberattacks to destabilize Ukraine, which seeks to integrate with the West.

NATO Secretary General Jens Stoltenberg on Friday condemned the attack. He said the alliance has been helping Ukraine for several years to strengthen its cyber defenses and that NATO specialists are working with their Ukrainian counterparts to deal with the attack.

Mr Stoltenberg said that NATO and Ukraine would sign an agreement in the coming days to further strengthen cybersecurity cooperation, “including Ukraine’s access to the information-sharing platform on NATO Malware”.

Russian-backed separatists in eastern Ukraine have been fighting government forces for years.



European Union foreign policy chief Josep Borrell said ahead of a meeting of foreign ministers in France on Friday that the bloc would “mobilize all our resources to help Ukraine fight this cyberattack.” He said he had no proof of who was responsible “but we can imagine.”

Moscow says Ukraine is within its sphere of influence and has used military, economic and other measures to bring its neighbor closer. Russia seized Crimea in 2014 and carved out two small self-proclaimed breakaway states that have since been at war with the government in Kiev.

Ukraine’s security service said it was investigating the attack and its effects had mostly been remedied. The Foreign Ministry website was still unavailable mid-afternoon in Kyiv.

The post on the website, since deleted, referred to Ukrainian insurgent fighters during World War II, revered by some in Ukraine for fighting the Nazis and the Soviets, lambasted as “fascists” by Russia and criticized for the massacres of Polish.

Ukraine has been the target of cyberattacks linked to the Russian government in the past, including attacks in 2015 and 2016 that left hundreds of thousands of Ukrainians with blackouts over winter.

In the United States, experts and cybersecurity officials noted that the attacks coincided with the reinforcement of Russian troops and the conclusion of three rounds of talks in Europe on the Ukraine crisis, but said that it was not a reason enough to conclude that Moscow was behind the assault. .

John Hultquist, vice president of intelligence analysis at US cyber firm Mandiant, said it was too early to say who was responsible for the attack and that historically website downgrades were usually ” the realm of low-level hacktivists and hackers”.

Hackers that US and Western officials have linked to Russian military intelligence — a group that Mr. Hultquist and other cybersecurity researchers call Sandworm — have taken over websites in the past. The US and UK governments accused the group of cyberattacks in 2019 against websites run by the Georgian nation’s government, its courts and its media.

“This incident could have been the work of government actors or government-sponsored actors or it could have been the work of elements of civil society responding independently,” said Mr. Hultquist, who personally followed the Sandworm’s activities for seven years. “It is important not to overestimate the capability needed to carry out this attack.”

Write to James Marson at [email protected] and Dustin Volz at [email protected]

Copyright ©2022 Dow Jones & Company, Inc. All rights reserved. 87990cbe856818d5eddac44c7b1cdeb8


Comments are closed.