Ukraine hit by massive cyberattack impacting government websites

14 Jan 2022

Image: © adragan/Stock.adobe.com

‘Be afraid and prepare for the worst’ was one of the messages shown on hacked screens, in an attack suspected to be carried out by Russia.

A massive cyberattack hit Ukraine yesterday (13 January), knocking out more than a dozen government websites.

The cyberattack impacted the websites of Ukraine’s foreign ministry, cabinet of ministers, security and defence councils, as well as its embassies in the UK, US and Sweden, according to multiple reports.

The incident has escalated the eastern European country’s ongoing conflict with Russia, with the Ukrainian government suggesting its neighbour could be behind the attack.

Some of the messages that were shown on the screens of hacked websites read ‘be afraid and prepare for the worst’, ‘all information about you [Ukraine] has become public’ and ‘this is for your past, present and future’.

Most website are now back live with no reports of stolen data and Kyiv has opened an investigation into the matter.

A spokesperson from the foreign ministry of Ukraine told Reuters that while it was too early to determine who was behind the cyberattack, Russia has been known to carry out such attacks in the past.

Ukraine and Russia have been fighting for decades, but relations turned particularly sour after Moscow invaded and annexed Crimea in 2014, followed by a string of Russian aggressions that continues to today. The US warned yesterday that there is a high threat of a Russian military invasion in Ukraine.

The country has been the victim of multiple cyberattacks in recent years that have hit power supplies, halted supermarket tills and crashed banks’ IT systems, according to Reuters, in what Ukraine has dubbed as a “hybrid” war being waged by Russia.

In 2017, a variant of malware known by many names, including GoldenEye and Petya, hit Ukraine and then spread across Europe and the world.

This new variant, NotPetya, was a derivative of the WannaCry ransomware and impacted organisations from Boryspil International Airport in Kyiv to the port of Mumbai. It was found not to be ransomware, but a ‘wiper’ that demanded a bitcoin ransom for file access – with users who paid never recovering the files. The UK government went on to blame Russia for the attack.

Don’t miss out on the knowledge you need to succeed. Sign up for the Daily Brief, Silicon Republic’s digest of need-to-know sci-tech news.

Vish Gain is a journalist with Silicon Republic

editorial@siliconrepublic.com