Ukraine Defence Ministry Suffers DDoS Attack

Ukraine security services have said it is too early to identify the culprits behind a huge denial-of-service (DDoS) cyberattack on Tuesday.

On Tuesday, Ukraine’s Ministry of Defence suffered from a DDoS attack that prevented users from accessing its website. It confirmed the attack in a tweet on Tuesday evening that its website was being hit with a DDoS attack and that work to restore service was underway. The outage lasted more than four hours.

The Ukrainian government also confirmed that two local banks lost access to online banking services. The Ukrainian government’s Center for Strategic Communications said that PrivatBank faced a “massive DDoS attack” that blocked many online banking services.

Oschadbank also lost all online banking functionality, according to the statement.

DDoS attack

Ilya Vityuk, who heads Ukraine’s security service cyber department, was quoted by Sky News as telling journalists that their only suspect was Russia, although this wasn’t a formal attribution.

Instead the official Ukraine position is it is too early to officially identify the culprits.

Amid the tense military stand-off with Russia, Ukraine last month suffered a massive cyberattack that impacted at least 70 government websites, as well as the US, UK and Swedish embassies.

That Ukraine cyberattack warned the local public to “be afraid and expect the worst”, which Ukraine at the time publicly stated was orchestrated by Russia.

Last month the UK’s GCHQ’s National Cyber Security Centre (NCSC) made clear the need for UK organisations to take action to bolster their cyber security resilience in response to the malicious cyber incidents in and around Ukraine.

However the latest DDoS attack on Tuesday comes amid Russian claims that it has begun withdrawing some of the 150,000 troops it has positioned on the Ukraine border.

However the US and NATO say that Russia has actually increased the number of troops at the border.

Ongoing attacks

Russia of course has invaded Ukraine previously, when it illegally seized and annexed Crimea from Ukraine in 2014.

Prior to that attack Russia engaged in its usual practice of hybrid or asymmetric warfare, and was accused of launching an assortment of cyberattacks to destabilise communications and spread confusion whilst its troops overran the region.

Russia then continued to launch cyberattacks against Ukraine even after that invasion, including attacks on the power grid and government sites.

In the first nine months of 2021, Ukraine’s SBU security service said it had “neutralised” 1,200 cyberattacks or incidents.