Advertisement

Ukraine says Russia behind cyberattack in ‘hybrid war’ move

Ukraine's Foreign Minister Dmytro Kuleba speaks
Ukraine’s Foreign Minister Dmytro Kuleba speaks with journalists in Brussels on Nov. 15. Ukraine said Sunday that Russia was behind a cyberattack that defaced its government websites and alleged that Russia is engaged in an increasing “hybrid war” against its neighbor.
(Geert Vanden Wijngaert / Associated Press)
Share via

Ukraine said Sunday that Russia was behind a cyberattack that defaced its government websites and alleged that Russia is engaged in an increasing “hybrid war” against its neighbor.

The statement from the Ministry of Digital Development came a day after Microsoft said dozens of computer systems at an unspecified number of Ukrainian government agencies had been infected with destructive malware disguised as ransomware. That disclosure suggested the attention-grabbing defacement attack on official websites last week was a diversion.

“All evidence indicates that Russia is behind the cyberattack. Moscow continues to wage a hybrid war and is actively building up its forces in the information and cyberspaces,” the ministry statement said.

Advertisement

The attack comes as the threat of a Russian invasion of Ukraine looms and diplomatic talks to resolve the tense standoff appear stalled.

Even before his father’s death, the teen had penned a school paper on the pain of life during the pandemic.

Microsoft said in a short blog post Saturday that it first detected the malware Thursday. That would coincide with the attack that simultaneously took some 70 Ukrainian government websites temporarily offline.

Microsoft said in a different, technical post that the affected systems “span multiple government, non-profit, and information technology organizations.” It said it did not know how many more organizations in Ukraine or elsewhere might be affected but said it expected to learn of more infections.

Advertisement

On Sunday, U.S. national security advisor Jake Sullivan said U.S. and private-sector companies were still working to determine the source of the attacks. He said the United States has warned for months about the possibility of cyberattacks from Russia and has been working with Ukraine to improve that country’s defenses.

“This is part of the Russian playbook,” he said on CBS’ “Face the Nation” program.

A top private sector cybersecurity executive in Kyiv, Oleh Derevianko, told the Associated Press that the intruders penetrated the government networks through a shared software supplier in a supply-chain attack like the 2020 SolarWinds Russian cyberespionage campaign that targeted the U.S. government.

In 2017, Russia targeted Ukraine with one of the most damaging cyberattacks on record with the NotPetya virus, causing more than $10 billion in damage globally. That virus, also disguised as ransomware, was a so-called “wiper” that erased entire networks.

Advertisement

In Friday’s mass web defacement, a message left by the attackers claimed they had destroyed data and placed it online, which Ukrainian authorities said had not happened.

The message told Ukrainians to “be afraid and expect the worst.”

Advertisement