Ukraine government websites downed by cyberattacks amid Russian invasion

Large-scale cyberattacks plagued the Ukrainian government’s major websites on Thursday morning, as explosions and gunfire shook the capital of Kiev and other major cities amid a Russian invasion.

The websites for Ukraine’s defence, foreign, and interior ministries were unresponsive or slow to load after a slew of dDistributed denial of service (DDoS) attacks struck.

The cyberattacks have been continuing since Wednesday. Digital transformation minister Mykhailo Fedoro said another "mass DDoS attack” hit the country about 4pm on Wednesday.

The DDoS attacks are performed by overwhelming websites with junk traffic to render them unreachable.

The cybersecurity researchers said unidentified attackers had infected hundreds of computers with destructive malware, some in neighbouring Latvia and Lithuania.

Senior Ukrainian cyber defence official Victor Zhora was too overwhelmed to answer when he was asked if the cyberattacks were continuing on Thursday. "Are you serious?" he texted. "There are ballistic missiles here."

"This is terrible. We need the world to stop it. Immediately," Mr Zhora said of the invasion that Vladimir Putin launched on Ukraine in the pre-dawn hours.

The cyberattacks were long anticipated by officials to precede and accompany the Russian military offensive against Ukraine. They were key tools to be used against Ukraine when Kremlin annexed Crimea in 2014 and hackers tried to thwart elections.

Cyberattacks were also used to cause panic, confusion and distraction during offensives against Estonia in 2007 and Georgia in 2008.

Slovak internet security company, ESET Research Labs, confirmed it detected an unseen piece of data-wiping malware on Wednesday on "hundreds of machines in the country”. It was not clear how many networks were affected.

"With regards whether the malware was successful in its wiping capability, we assume that this indeed was the case and affected machines were wiped," said ESET research chief Jean-Ian Boutin.

Without naming the targets, he said they were "large organisations”.

Meanwhile, Symantec Threat Intelligence said it detected three organisations, including of Ukrainian government contractors in Latvia and Lithuania and a financial institution in Ukraine, were hit by the wiper malware.

Both Latvia and Lithuania are Nato members.

The wipe malware attacks by wiping the hard drive of the computer it infects.

Vikram Thakur, technical director of the intelligence agency, said all three targets had "close affiliation with the government of Ukraine” and were "highly targeted”.

He said roughly 50 computers at the financial outfit were impacted, some with data wiped.

ESET research chief said the malware’s timestamp indicated it was created in late December.

"Russia likely has been planning this for months, so it is hard to say how many organisations or agencies have been backdoored in preparation for these attacks," said Chester Wisniewski, principal research scientist at the cybersecurity firm Sophos.

He believes that the Kremlin intended to "send the message that they have compromised a significant amount of Ukrainian infrastructure and these are just little morsels to show how ubiquitous their penetration is."

Meanwhile, Australian prime minister Scott Morrison announced to expand financial sanctions on Russia after it invaded Ukraine, adding 25 military persons, four weapons technology companies and four banks to its sanctions list.

He said Canberra must prepare itself for likely cyberattacks from Russia in retaliation for sanctions.

“Cyber attacks are a real threat, and they’re a present threat and that is the most likely response from Russia in terms of what we’ve done,” Mr Morrison told Channel Nine when asked if he expected any retaliation from Russia over sanctions.

Additional reporting by agencies