The Ukrainian Ministry of Defence has been hit by a distributed denial of service (DDoS) attack, knocking its website offline.
On Tuesday afternoon, the Ministry of Defence stated on Twitter that its official website had recorded “an excessive number of requests per second”, leading it to believe that it was “probably” targeted by a DDoS attack.
The site couldn’t be accessed for most of the afternoon, displaying a message stating that it was undergoing maintenance. On Wednesday, the issue seemed to have been resolved.
News of the attack was confirmed by Ukraine’s Centre for Strategic Communications and Information Security, which was founded by the Ministry of Culture and Information Policy of Ukraine with the purpose of tackling misinformation.
Ukraine’s largest commercial bank, PrivatBank, as well as the State Savings Bank of Ukraine, Oschadbank, were also reportedly hit by cyber attacks, with customers unable to log into their accounts. The issue was resolved at around 7pm local time, according to the Centre.
The Centre stated that it wasn’t ruling out “that the aggressor used tactics of little dirty tricks because its aggressive plans are not working out on a large scale”.
Although the perpetrators weren’t officially named, the attacks come amid strained relations with Russia, which in January sent an estimated 150,000 troops to its border with Ukraine. It also comes after Ukraine’s foreign and education ministries, as well as its embassies in the UK, US, and Sweden, fell victim to a "massive" cyber attack in January.
The country had suffered a number of destabilising cyber attacks in the last eight years, with power supplies, shops, and IT systems for the country's banks all being targeted. Although responsibility for the attacks has been attributed to Russia’s "hybrid war" strategy, Putin’s government has denied any involvement.
However, Emsisoft threat analyst Brett Callow told IT Pro that the responsibility and motivation behind Tuesday's attacks are currently unclear:
"DDoS attacks are low-skill, easy to execute, and designed to harass. It would be easy to assume Russia was responsible – and it may well have been – but it could just as easily have been some pro-Russia Ukrainian high school kids or….well, anybody else with an agenda," he said.
January’s cyber attacks on Ukraine’s government websites prompted the National Cyber Security Centre (NCSC) to urge larger UK organisations to “bolster their cyber security resilience”.
The best defence against ransomware
How ransomware is evolving and how to defend against it
“While we are unaware of any specific cyber threats to UK organisations in relation to events in Ukraine, we are monitoring the situation closely and it is vital that organisations follow the guidance to ensure they are resilient,” said NCSC director of Operations Paul Chichester.
Commenting on the NCSC’s guidance, Bitdefender director of Global MDR Security Operations, Daniel O’Neill, said that the current situation is very different from “the Cold War image of men on park benches, sat in raincoats and hats and hiding behind newspapers”.
“Now it's a new type of espionage behind laptops, that is not only cheaper but arguably easier to achieve given the power we have at our fingertips,” he told IT Pro.
