Cyber-attacks escalate against websites in Ukraine
Ukraine has been hit by more cyber-attacks, which its government says are “on a completely different level.”
Earlier on Wednesday, the websites of several Ukrainian banks and government departments became inaccessible.
At the same time a new “wiper” attack, which destroys data on infected machines, was discovered being used against Ukrainian organisations.
The incident represents the third wave of attacks against Ukraine this year, and the most sophisticated to date.
The latest attack began on Wednesday afternoon when internet connectivity company NetBlocks tweeted about the outages, saying “the incident appears consistent with recent DDoS attacks”.
Distributed denial of service (DDoS) attacks are designed to knock a website offline by flooding it with huge amounts of requests until it crashes.
“Another mass DDoS attack on our state [has] begun,” Ukraine’s Digital Transformation Minister, Mykhailo Fedorov, wrote on Telegram.
Sophisticated wiper
On Wednesday night, Cyber-security experts at ESET and Symantec said they had recorded a second form of attack on computer systems using a sophisticated “wiper” malware.
ESET telemetry shows that the malware was installed on hundreds of machines in the country.
The team says the malicious software showed a timestamp of creation for 28 December 2021, implying that the attack may have been planned since then.
More DDoS attacks
Last week, a similar attack took a smaller number of websites in the country offline.
And cyber authorities in the UK and the US swiftly blamed that attack on Russian hackers under direct orders from the Kremlin.
But Moscow denied being involved – and no official blame has been levelled at Russia for the latest attacks.
In January, the Ukrainian government accused Russia of being behind another DDoS wave, and smaller less sophisticated wave of “wiper” attacks.
Some websites affected were replaced with a warning to Ukrainians to “prepare for the worst”.
Also access to most of the sites was restored within hours.
Hybrid warfare
On Tuesday, the EU announced a cyber rapid-response team (CRRT) was being deployed across Europe, after a call for help from Ukraine.
It is not known if the team of experts from six volunteer countries is helping to defend against this latest attack.
DDoS attacks have been used in various campaigns as a part of Russia’s so-called “hybrid warfare” tactics, combining cyber-attacks with traditional military activity.
DDoS attacks hit Georgia and Crimea during the incursions in 2008 and 2014 respectively.
The EU, UK and Ukraine blamed Russian government hackers for attacks on electricity substations that caused widespread power cuts in 2015 and 2016.
The US, UK and EU has also blamed it for the hugely disruptive NotPetya “wiper” attack, which started in Ukraine but spread globally, causing billions of dollars of damage to computer systems across Europe, Asia, and the Americas.
Moscow denies being behind the attack, calling such claims “Russophobic”.
BBC/Mercy Chukwudiebere