Stay up to date with notifications from The Independent

Notifications can be managed in browser preferences.

Ukraine government websites downed by cyberattacks amid Russian invasion

Australian prime minister warned of potential cyberattacks from Russia as it imposes sanctions

Shweta Sharma
Thursday 24 February 2022 09:42 GMT
Comments
Sirens echo through Ukrainian streets amid Russian invasion

Your support helps us to tell the story

From reproductive rights to climate change to Big Tech, The Independent is on the ground when the story is developing. Whether it's investigating the financials of Elon Musk's pro-Trump PAC or producing our latest documentary, 'The A Word', which shines a light on the American women fighting for reproductive rights, we know how important it is to parse out the facts from the messaging.

At such a critical moment in US history, we need reporters on the ground. Your donation allows us to keep sending journalists to speak to both sides of the story.

The Independent is trusted by Americans across the entire political spectrum. And unlike many other quality news outlets, we choose not to lock Americans out of our reporting and analysis with paywalls. We believe quality journalism should be available to everyone, paid for by those who can afford it.

Your support makes all the difference.

Large-scale cyberattacks plagued the Ukrainian government’s major websites on Thursday morning, as explosions and gunfire shook the capital of Kiev and other major cities amid a Russian invasion.

The websites for Ukraine’s defence, foreign, and interior ministries were unresponsive or slow to load after a slew of dDistributed denial of service (DDoS) attacks struck.

The cyberattacks have been continuing since Wednesday. Digital transformation minister Mykhailo Fedoro said another "mass DDoS attack” hit the country about 4pm on Wednesday.

The DDoS attacks are performed by overwhelming websites with junk traffic to render them unreachable.

The cybersecurity researchers said unidentified attackers had infected hundreds of computers with destructive malware, some in neighbouring Latvia and Lithuania.

Senior Ukrainian cyber defence official Victor Zhora was too overwhelmed to answer when he was asked if the cyberattacks were continuing on Thursday. "Are you serious?" he texted. "There are ballistic missiles here."

"This is terrible. We need the world to stop it. Immediately," Mr Zhora said of the invasion that Vladimir Putin launched on Ukraine in the pre-dawn hours.

The cyberattacks were long anticipated by officials to precede and accompany the Russian military offensive against Ukraine. They were key tools to be used against Ukraine when Kremlin annexed Crimea in 2014 and hackers tried to thwart elections.

Cyberattacks were also used to cause panic, confusion and distraction during offensives against Estonia in 2007 and Georgia in 2008.

Slovak internet security company, ESET Research Labs, confirmed it detected an unseen piece of data-wiping malware on Wednesday on "hundreds of machines in the country”. It was not clear how many networks were affected.

"With regards whether the malware was successful in its wiping capability, we assume that this indeed was the case and affected machines were wiped," said ESET research chief Jean-Ian Boutin.

Without naming the targets, he said they were "large organisations”.

This infographic, created for The Independent by Statista, shows the countries least and most dependent on Russian natural gas
This infographic, created for The Independent by Statista, shows the countries least and most dependent on Russian natural gas (Statista/The Independent)

Meanwhile, Symantec Threat Intelligence said it detected three organisations, including of Ukrainian government contractors in Latvia and Lithuania and a financial institution in Ukraine, were hit by the wiper malware.

Both Latvia and Lithuania are Nato members.

The wipe malware attacks by wiping the hard drive of the computer it infects.

Vikram Thakur, technical director of the intelligence agency, said all three targets had "close affiliation with the government of Ukraine” and were "highly targeted”.

He said roughly 50 computers at the financial outfit were impacted, some with data wiped.

ESET research chief said the malware’s timestamp indicated it was created in late December.

"Russia likely has been planning this for months, so it is hard to say how many organisations or agencies have been backdoored in preparation for these attacks," said Chester Wisniewski, principal research scientist at the cybersecurity firm Sophos.

He believes that the Kremlin intended to "send the message that they have compromised a significant amount of Ukrainian infrastructure and these are just little morsels to show how ubiquitous their penetration is."

The locations of Ukraine’s biggest cities
The locations of Ukraine’s biggest cities (The Independent)

Meanwhile, Australian prime minister Scott Morrison announced to expand financial sanctions on Russia after it invaded Ukraine, adding 25 military persons, four weapons technology companies and four banks to its sanctions list.

He said Canberra must prepare itself for likely cyberattacks from Russia in retaliation for sanctions.

“Cyber attacks are a real threat, and they’re a present threat and that is the most likely response from Russia in terms of what we’ve done,” Mr Morrison told Channel Nine when asked if he expected any retaliation from Russia over sanctions.

Additional reporting by agencies

Join our commenting forum

Join thought-provoking conversations, follow other Independent readers and see their replies

Comments

Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in