Cyberattack Takes Out Government Websites And Banks In Ukraine

Things are getting worse on the Ukraine front. And that includes cyberspace. Several Ukrainian government websites were offline Wednesday as a result of a mass distributed denial of service attack, Mykhailo Fedorov, head of Ukraine’s Ministry of Digital Transformation, said in his Telegram channel.

The attack, which also impacted some banks, began around 4 p.m. local time, according to Fedorov. He didn’t say which banks were attacked or what the extent of the damage was. Websites for the Ukrainian Ministry of Foreign Affairs, Cabinet of Ministers and Rada, the country’s parliament, were among those down as of Wednesday morning Eastern time. The government sites were offline as officials attempted to switch traffic elsewhere to minimize damage, he said. A DDoS attack is when a hacker floods a victim’s network or server with traffic so that others are unable to access it.

It’s safe to assume that the Russians are behind this, though that hasn’t been confirmed. Regardless, it’s a major escalation, as this is the second time this has happened. And it will likely only get worse from here.

UPDATE: Saumitra Das, CTO and Founder of Blue Hexagon, had this comment:

“Business leaders should assume that there could be cyber attacks to disrupt operations not just in the infrastructure sector but anywhere disruption helps provide leverage to a nation-state. Nation-state attackers usually can craft mutated attacks to render threat intelligence unhelpful, use living off the land techniques to bypass endpoint security and focus on disruption rather than ransoming data which can in many cases be easier to achieve.”

“Key tactics business leaders need to focus on are: (1) Invest in detection and response on both the network (NDR) and endpoint (EDR). Even for criminal gangs which are less sophisticated than nation-state attackers, prevention-based security like Network Firewall (NGFW) and Endpoint Protection have clearly not worked given the number of ransomware incidents we have seen. (2) Use AI-based security to find attacks that are mutated. Rules and signatures have limited effectiveness for nation-state attacks. Raise the bar for the attacker. (3) Don’t limit to on-premises only, because attackers understand that cloud infrastructure for a business tends to be highly misconfigured by developers and provides an easier way in than the on-prem walled gardens. Nation states can easily disrupt a business by taking down workloads in the cloud that handle things like pricing, analytics, payments, etc. without even breaking into the on-prem infrastructure.”
