Current:Home > reviewsUkraine says government websites and banks were hit with denial of service attack -ProfitLogic
Ukraine says government websites and banks were hit with denial of service attack
View
Date:2025-04-11 12:46:16
WASHINGTON — Amid heightened tensions between Russia and Ukraine, multiple Ukrainian government websites and banking systems were temporarily inaccessible to users Tuesday afternoon. But so far it remains unclear who was behind the disruption, and the overall intent.
The outage, which impacted the website of the Ukrainian Defense Ministry and the Armed Services as well as two large Ukrainian banks, Privatbank and Oschadbank, was the result of a digital denial of service attack, according to multiple Ukrainian government agencies.
The reports quickly generated concern, especially given ongoing U.S. government warnings that Russia might launch a massive cyberattack impacting critical infrastructure in Ukraine, such as communications or banking, prior to an invasion.
Digital attackers targeted the organizations' online services to prevent them from functioning properly, but the intrusion fell well short of any kind of massive cyberattack – which would typically involve visible manipulation of content on the websites, penetration of servers, or apparent theft or destruction of data or devices.
The Defense Ministry shared in a tweet that it received an unusually high volume of requests to load the website, suggesting attackers were flooding the servers with illegitimate requests in an attempt to overload them and prevent citizens from accessing the site.
The State Service of Special Communication and Information Protection of Ukraine, which was leading a recent investigation into a website defacement and data destruction campaign linked to Russian hackers last month, published a statement claiming "there is a powerful DDoS attack on a number of information resources of Ukraine," though it also noted that as of Tuesday evening, banking services have already been restored.
Wave of fake messages saying ATMs were down is debunked
There were also reports from the Ukrainian Cyber Police on Tuesday morning debunking a wave of fake SMS messages sent to Ukrainian citizens claiming ATM services were down.
Given that only a few organizations experienced disruptions and the outages were not long-lasting, the impact on Ukrainians' access to their banks and government websites seemed extremely limited. People in Ukraine posted tweets about still being able to access their bank accounts through ATMs, or by using their digital bank cards, and the government agencies were able to communicate with the world through social media during the outage.
But given the heightened tensions in the region and the looming threat of a Russian invasion, these kinds of attacks could have a bigger psychological impact.
Olena Prokopenko, a visiting fellow for the public policy think tank the German Marshall Fund and the co-founder of the Transatlantic Task Force on Ukraine, told NPR these kinds of digital attacks "have been our major concern" over the past few hours. "Hybrid warfare in action," she continued.
For the people of Ukraine, she said, there's some uncertainty because the government has not been communicating clearly about what to do in an emergency.
"People don't understand what to do in case of escalation, so they just choose to carry on, hoping that the military and the government will take care of things," Prokopenko said.
This attack, while rather unsophisticated and short-lived, could be one of the early salvos in a Russian invasion, though it hasn't yet been linked directly to Russia.
DDoS attacks are 'notoriously difficult to attribute'
"Though we've anticipated disruptive Russian attacks against Ukraine, we've seen no evidence of responsibility at this time, and denial of service attacks are notoriously difficult to attribute," said John Hultquist, the vice president of intelligence analysis for the cybersecurity firm Mandiant.
Ukrainian citizens, however, have become used to regular digital attacks from Russia since at least 2014, often much more serious ones, including shutting off the power grid.
John Graham-Cumming, the Chief Technology Officer of Cloudflare, a company that specializes in defending against denial of service attacks, told NPR that his company has actually not seen a huge uptick in malicious traffic on Tuesday that has impacted its customers in Ukraine. The websites and banks impacted, however, are not Cloudflare customers, he said, and Graham-Cumming said it's possible attackers chose to avoid organizations protected by Cloudflare purposely.
Graham-Cumming noted a small uptick in broader attack traffic around lunchtime, but nothing "particularly noteworthy," as well as an increase in digital congestion across the Internet in Ukraine around midday, potentially suggesting an increase in internet searches.
Cybersecurity company Akamai also specializes in defending against denial of service attacks, though it had limited visibility into the attacks in Ukraine on Tuesday. Still, according to Akamai's Chief Security Officer, Boaz Gelbord, "In times of international conflict, DDoS is often the attack tool of choice of threat actors."
veryGood! (9)
Related
- 'As foretold in the prophecy': Elon Musk and internet react as Tesla stock hits $420 all
- As his son faces a graft probe, a Malaysian ex-PM says the government wants to prosecute its rivals
- Criminals are extorting money from taxi drivers in Mexico’s Cancun, as they have done in Acapulco
- Mary Weiss, lead singer of '60s girl group the Shangri-Las, dies at 75
- The White House is cracking down on overdraft fees
- Lamar Jackson vs. Patrick Mahomes is only one of the storylines for AFC championship
- Pennsylvania woman plans to use insanity defense in slaying, dismemberment of parents
- Kourtney Kardashian Shares Penelope Disick's Sweet Gesture to Baby Rocky
- Head of the Federal Aviation Administration to resign, allowing Trump to pick his successor
- Tony Romo once again jumps the gun on Taylor Swift and Travis Kelce's relationship
Ranking
- Which apps offer encrypted messaging? How to switch and what to know after feds’ warning
- Move to repeal new Virginia law on organized retail theft blocked for this year
- Tribes, environmental groups ask US court to block $10B energy transmission project in Arizona
- Russia clashes with US and Ukraine supporters, ruling out any peace plan backed by Kyiv and the West
- Don't let hackers fool you with a 'scam
- Luigi Riva, all-time leading scorer for Italy men’s national team, dies at 79
- When does 'Queer Eye' start? Season 8 premiere date, cast, how to watch and stream
- Following in her mom's footsteps, a doctor fights to make medicine more inclusive
Recommendation
Macy's says employee who allegedly hid $150 million in expenses had no major 'impact'
Alabama student and amateur golfer Nick Dunlap cannot collect $1.5 million from PGA Tour
Burton Wilde: 2024 U.S. Stock Market Optimal Strategy
'Model inmate': Missouri corrections officers seek death penalty reprieve for Brian Dorsey
Could your smelly farts help science?
Tech CEO Sanjay Shah Dead at 56 After Freak Accident at Company Party
What to know for WWE Royal Rumble 2024: Date, time, how to watch, match card and more
The Bachelor Season 28: Meet Joey Graziadei's First Impression Rose Winner