The IT Nerd

Today’s cyberattack on Ukrainian government and major bank websites is further proof of how cybercrime is being used to undermine international relations:

On Tuesday, Ukrainian officials said that some of their national security and financial sites are now under attack by hackers, as Russian troops and military equipment remain massed around Ukraine. The Ukrainian Defense Ministry tweeted that its website has likely been hit by a denial-of-service attack, noting that “an excessive number of requests per second was recorded.” The ministry said that it’s working on restoring the website. 

Ukraine’s Center for Strategic Communications and Information Security confirmed reports of the cyber attacks, stating, “For the last few hours, Privatbank has been under a massive DDoS attack.” Users reported that they were having problems with payments, as well as with the app. Some had trouble logging in, while others could not access their balance or recent transactions, according to the center.

Privatbank said that depositors’ funds face “no threat” — it’s just the app that is affected, and financial transactions “are perform[ing] normally.” Oschadbank’s internet banking is down. 

The center theorized, “It is possible that the aggressor resorted to the tactics of petty mischief, because by and large, his aggressive plans do not work.” However, it did not blame Russian President Vladimir Putin for the attacks, and it’s currently not clear who’s behind the attacks. 

The last significant cyberattack on Ukraine took place in January, and Ukraine’s ambassador told CBS News’ Margaret Brennan that an invasion by Moscow was likely to be preceded by hacking.

“If Russia decides on a full invasion, then we know that we should expect increased cyberattacks before that,” Ukrainian Ambassador to the U.S. Oksana Markarova told CBS News.

This has become a big deal as the US is assuming at this point that they will be a target as well. Justin Fier, Director of Cyber Intelligence & Analytics at Darktrace had this to say:

“With limited open-source information available, we must be careful at this stage to point fingers. Misattribution in cyber is a dangerous game, and any miscalculation can be detrimental. This attack could be another actor taking advantage of an already tense situation in the region. 

Current reports suggest this is yet another distributed denial of service (DDoS) attack, an attempt to bring down websites or networks by overwhelming the webserver with internet traffic. These attacks are not particularly sophisticated and relatively easy to mitigate. Attackers know this will make the news and spark global controversy without delivering enough damage to spark an aggressive response from the victim.  

Across our customer base, we sometimes see noisy attack techniques like this used to distract security teams while bad actors remain inside digital systems to carry out more deadly attacks behind the scenes – stealing or altering sensitive data, shutting down critical systems, or simply lying dormant until the right time comes. It remains to be seen whether that is the case here. 

It is alarming but unsurprising to see attackers hit their financial systems, especially when the global economy is facing significant pitfalls – the stakes are higher for defenders, and attackers can maximize damage. The cyber industry has been anticipating an attack of this nature in recent weeks, and until further details emerge, all organizations must be vigilant and heed the cautions issued by national federal agencies.” 

Given the level of tensions when it comes to Ukraine, I for one would not at all be surprised to see more attacks like this in the coming days.

This entry was posted on February 15, 2022 at 3:19 pm and is filed under Commentary with tags Hacked, Ukraine. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.