KYIV, Ukraine—A series of cyberattacks on Tuesday knocked the websites of the Ukrainian army, the defense ministry and major banks offline, Ukrainian authorities said.
Still, there was no indication the relatively low-level, distributed-denial-of-service attacks might be a smokescreen for more serious and damaging cyber mischief.
At least 10 Ukrainian websites were unreachable due to the attacks, including the defense, foreign, and culture ministries and Ukraine’s two largest state banks. In such attacks, websites are barraged with a flood of junk data packets, rendering them unreachable.
“We don’t have any information of other disruptive actions that (could) be hidden by this DDoS attack,” said Victor Zhora, a top Ukrainian cyberdefense official. He said emergency response teams were working to cut off the attackers and recover services.
Customers at Ukraine’s largest state-owned bank, Privatbank, and the state-owned Sberbank reported problems with online payments and the banks’ apps.
Among the attackers’ targets was the hosting provider for Ukraine’s army and Privatbank, said Doug Madory, director of internet analysis at the network management firm Kentik Inc.
“There is no threat to depositors’ funds,” Zhora’s agency, the Ukrainian Information Ministry’s Center for Strategic Communications and Information Security, said in a statement. Nor did the attack affect the communications of Ukraine’s military forces, said Zhora.
It was too early to say who was behind the attack, he added.
The ministry statement suggested Russian involvement: “It is possible that the aggressor resorted to tactics of petty mischief, because his aggressive plans aren’t working overall,” the Ukrainian statement said.
Quick attribution in cyberattacks is typically difficult, as aggressors often try to hide their tracks.
“We need to analyze logs from IT providers,” Zhora said.
On Jan. 14, a cyberattack that damaged servers at Ukraine’s State Emergency Service and at the Motor Transport Insurance Bureau with a malicious “wiper” cloaked as ransomware. The damage proved minimal. A message posted simultaneously on dozens of defaced Ukrainian government websites said: “Be afraid and expect the worst.”
Serhii Demediuk, the No. 2 official at Ukraine’s National Security and Defense Council, called the Jan. 14 attack “part of a full-scale Russian operation directed at destabilizing the situation in Ukraine, aimed at exploding our Euro-Atlantic integration and seizing power.”
In the winters of 2015 and 2016, attacks on Ukraine’s power grid attributed to Russia’s GRU military intelligence agency temporarily knocked out power.
Russia’s GRU has also been blamed for perhaps the most devastating cyberattack ever. Targeting companies doing business in Ukraine in 2017, the NotPetya virus caused over $10 billion in damage worldwide. The virus, also disguised as ransomware, was a “wiper” virus that scrubbed entire networks.