The Web sites of Ukraine’s defense, foreign and interior ministries were unreachable or painfully slow to load yesterday morning after a punishing wave of distributed denial of service (DDoS) attacks as Russia struck at its neighbor, explosions shaking the capital of Kyiv and other major cities.
In addition to DDoS attacks on Wednesday, cybersecurity researchers said unidentified attackers had infected hundreds of computers with destructive malware, some in neighboring Latvia and Lithuania.
Asked if the DDoS attacks were continuing yesterday morning, Ukrainian cyber defense official Victor Zhora did not answer.
Photo: AP
“Are you serious?” he texted. “There are ballistic missiles here.”
“This is terrible. We need the world to stop it. Immediately,” Zhora said of the offensive that Russian President Vladimir Putin announced in the pre-dawn hours.
Officials have long expected cyberattacks to precede and accompany any Russian military incursion. The combination of malware infections and DDoS attacks, which bombard Web sites with junk traffic to render them unreachable, hewed to Russia’s playbook of combining cyberoperations with real-world aggression.
ESET Research Labs said that on Wednesday it detected a previously unseen piece of data-wiping malware on “hundreds of machines in the country.”
Symantec Threat Intelligence detected three organizations hit by the wiper malware — Ukrainian government contractors in Latvia and Lithuania, and a financial institution in Ukraine, Symantec technical director Vikram Thakur said.
“The attackers have gone after these targets without much caring for where they may be physically located,” he said.
All three had “close affiliation with the government of Ukraine,” Thakur said, adding that Symantec believed the attacks were “highly targeted.” He said roughly 50 computers at the financial outfit were affected, some with data erased.
ESET research chief Jean-Ian Boutin said the malware’s timestamp indicated that it was created in late December.
“Russia likely has been planning this for months, so it is hard to say how many organizations or agencies have been back-doored in preparation for these attacks,” said Chester Wisniewski, principal research scientist at the cybersecurity firm Sophos.
He said that the Kremlin likely intended the malware to “send the message that they have compromised a significant amount of Ukrainian infrastructure and these are just little morsels to show how ubiquitous their penetration is.”
Word of the data wiper follows a January attack that Ukrainian officials blamed on Russia, in which the defacement of some 70 government Web sites was used to mask intrusions into government networks in which at least two servers were damaged with wiper malware masquerading as ransomware.
Cyberattacks have been a key tool of Russian aggression in Ukraine since before 2014, when the Kremlin annexed Crimea and hackers tried to thwart elections. They were also used against Estonia in 2007 and Georgia in 2008. Their intent can be to sow panic, confuse and distract.
DDoS attacks are among the least effective because they do not entail network intrusion. However, the targets on Wednesday included the defense and foreign ministries, the Council of Ministers and Privatbank, the country’s largest commercial bank.
Many of the same sites were similarly knocked offline on Feb. 13 and Monday last week in DDoS attacks that the US and UK governments quickly blamed on Russia’s GRU military intelligence agency.
A spokesman for California-based Cloudflare, which provides services to some of the targeted sites, said on Wednesday that DDoS attacks in Ukraine had been on the rise in the past month, although “relatively modest compared to large DDoS attacks we’ve handled in the past.”
The West blames Russia’s GRU for some of the most damaging cyberattacks on record, including a pair in 2015 and 2016 that briefly knocked out parts of Ukraine’s power grid and the NotPetya “wiper” virus of 2017, which caused more than US$10 billion in damage globally by infecting companies that do business in Ukraine with malware seeded through a tax preparation software update.
The wiper malware detected in Ukraine this year has so far been manually activated, as opposed to a worm like NotPetya, which can spread out of control across borders.
BACKLASH: The National Party quit its decades-long partnership with the Liberal Party after their election loss to center-left Labor, which won a historic third term Australia’s National Party has split from its conservative coalition partner of more than 60 years, the Liberal Party, citing policy differences over renewable energy and after a resounding loss at a national election this month. “Its time to have a break,” Nationals leader David Littleproud told reporters yesterday. The split shows the pressure on Australia’s conservative parties after Prime Minister Anthony Albanese’s center-left Labor party won a historic second term in the May 3 election, powered by a voter backlash against US President Donald Trump’s policies. Under the long-standing partnership in state and federal politics, the Liberal and National coalition had shared power
A Croatian town has come up with a novel solution to solve the issue of working parents when there are no public childcare spaces available: pay grandparents to do it. Samobor, near the capital, Zagreb, has become the first in the country to run a “Grandmother-Grandfather Service,” which pays 360 euros (US$400) a month per child. The scheme allows grandparents to top up their pension, but the authorities also hope it will boost family ties and tackle social isolation as the population ages. “The benefits are multiple,” Samobor Mayor Petra Skrobot told reporters. “Pensions are rather low and for parents it is sometimes
CONTROVERSY: During the performance of Israel’s entrant Yuval Raphael’s song ‘New Day Will Rise,’ loud whistles were heard and two people tried to get on stage Austria’s JJ yesterday won the Eurovision Song Contest, with his operatic song Wasted Love triumphing at the world’s biggest live music television event. After votes from national juries around Europe and viewers from across the continent and beyond, JJ gave Austria its first victory since bearded drag performer Conchita Wurst’s 2014 triumph. After the nail-biting drama as the votes were revealed running into yesterday morning, Austria finished with 436 points, ahead of Israel — whose participation drew protests — on 357 and Estonia on 356. “Thank you to you, Europe, for making my dreams come true,” 24-year-old countertenor JJ, whose
Two people died and 19 others were injured after a Mexican Navy training ship hit the Brooklyn Bridge, New York City Mayor Eric Adams said yesterday. The ship snapped all three of its masts as it collided with the New York City landmark late on Saturday, while onlookers enjoying the balmy spring evening watched in horror. “At this time, of the 277 on board, 19 sustained injuries, 2 of which remain in critical condition, and 2 more have sadly passed away from their injuries,” Adams posted on X. Footage shared online showed the Mexican Navy ship Cuauhtemoc, its sails furled
RSS