A cyberattack left a number of Ukrainian government websites temporarily unavailable on Friday, officials said.
While it wasn’t immediately clear who was behind it, the disruption came amid heightened tensions with Russia and after talks between Moscow and the West failed to yield any significant progress this week.
Ukrainian Foreign Ministry spokesman Oleg Nikolenko told The Associated Press it was too soon to tell who could have been behind the attack, “but there is a long record of Russian cyber assaults against Ukraine in the past.”
Moscow has previously denied involvement in cyberattacks against Ukraine.
The websites of the country’s cabinet, seven ministries, the Treasury, the National Emergency Service and the state services website, where Ukrainians’ electronic passports and vaccination certificates are stored, were temporarily unavailable Friday as a result of the hack.
The websites contained a message in Ukrainian, Russian and Polish saying that Ukrainians’ personal data has been leaked into the public domain.
“Be afraid and expect the worst. This is for your past, present and future,” the message read, in part.
Ukraine’s State Service of Special Communication and Information Protection said that no personal data has been leaked. The country’s minister for digital transformation, Mykhailo Fedorov, said later on Friday that “a large part” of the affected websites have been restored.
70 sites affected
Victor Zhora, deputy chair of the State Service of Special Communication, said no critical infrastructure was affected. Zhora told a news conference Friday that about 70 websites of both national and regional government bodies have been affected by the attack.
The hack amounted to a simple defacement of government websites, said Oleh Derevianko, a leading private sector expert and founder of the ISSP cybersecurity firm. The hackers got into a content management system they all use.
“They didn’t get access to the websites themselves,” Derevianko said.
Derevianko said the hacker may have gained access to the hacked content management system long ago, so the question to consider is the timing of the defacement and the provocative message.
“It could be just a regular information operation [seeking] to undermine the government’s capability and to create and enhance uncertainty,” added Derevianko. It could also possibly be “part of a planned hybrid attack or longer-term and more sophisticated cyber operation which is underway but has not culminated.”
Tensions running high
The main question, said Derevianko, is whether this is a standalone hacktivist action or part of a larger state-backed operation.
Tensions between Ukraine and Russia have been running high in recent months after Moscow amassed an estimated 100,000 troops near Ukraine’s border, stoking fears of an invasion. Moscow says it has no plans to attack and rejects Washington’s demand to pull back its forces, saying it has the right to deploy them wherever necessary.
The Kremlin has demanded security guarantees from the West that NATO wouldn’t expand eastward.
Last month, Moscow submitted draft security documents demanding that NATO deny membership to Ukraine and other former Soviet countries and roll back the alliance’s military deployments in Central and Eastern Europe. Washington and its allies have refused to provide such pledges, but said they are ready for the talks.
No progress at talks
High-stakes talks this week between Moscow and the U.S., followed by a meeting of Russia and NATO representatives and a meeting at the Organization for Security and Cooperation in Europe, failed to bring about any immediate progress.
NATO Secretary-General Jens Stoltenberg said Friday that the 30-country military organization will continue to provide “strong political and practical support” to Ukraine in light of the cyberattacks.
“In the coming days, NATO and Ukraine will sign an agreement on enhanced cyber cooperation, including Ukrainian access to NATO’s malware information sharing platform,” Stoltenberg said in a statement.
European Union foreign policy chief Josep Borrell said Friday that the 27-nation bloc is ready to mobilize all its resources to provide technical assistance to Ukraine and help it improve its capacity to weather cyberattacks.
Borrell told a meeting of EU foreign ministers in the French port city of Brest that the bloc would mobilize its cyber rapid response teams. Borrell added that he would ask member countries to allow Ukraine to benefit from anti-cyberattack resources within the framework of the EU Permanent Structured Cooperation (PESCO), even though the country isn’t a member of the union.
“We are going to mobilize all our resources to help Ukraine cope with these cyberattacks,” Borrell said. “Sadly, we expected this could happen.”
Asked who could be behind the attack, Borrell said, “I can’t point at anybody because I have no proof, but one can imagine.”