Cyberattack hits Ukraine’s defense ministry and armed forces
It was not immediately clear who was responsible for the hacking incident. “It’s too early to attribute” responsibility, Victor Zhora, a deputy chairman at the State Service of Special Communications and Information Protection of Ukraine (SSSCIP) — who is investigating the incident — told CNN.
The incident comes as Russia has massed an estimated 150,000 troops close to Ukraine’s border, according to United States President Joe Biden, and as US officials warn that a fresh Russian invasion could come at any time. Russia has denied it is planning to invade Ukraine.
SSSCIP identified the incident as a distributed denial of service (DDoS) attack, which floods a website with phony traffic to disrupt access to it. DDoS attacks are relatively cheap and easy to carry out. While they can be disruptive, they do not necessarily require sophistication.
Ukrainian officials said that by 7:30 p.m. local time (12:30 p.m. ET) access to the websites of the banks — PrivatBank and Oschadbank — had been restored. CNN journalists in Ukraine reported difficulty accessing the websites of the defense agencies Tuesday night.
Ukrainian government officials “continue to monitor and cut off” the Internet Protocol (IP) addresses from which the hackers are flooding Ukrainian websites with traffic, Zhora said.
DDoS attacks can be difficult to trace to their source as hackers can spoof their locations to make it seem they are in a country they are not.
Matt Tait, a cybersecurity expert and former information security specialist with the UK government’s signals intelligence agency, said the DDoS attack appears to “be part of a general campaign of harassment and demoralization against the public encouraged by the Russian government.”
“That said, this is quite distinct from military/kinetic cyberattacks that might be used in direct conflict, such as to disable utilities or achieve direct military objectives,” Tait told CNN. “For this reason, I would urge caution in seeing this event as a direct precursor to invasion.”
Russia routinely denies conducting cyberattacks.