The site of the Ukrainian Ministry of Defense and two major banks in the country, PrivatBank and Oschadbank, have been victims of a denial of service cyberattack (DDoS) on February 15. Unattributed, it comes as Russia has been showing signs of de-escalation since the start of the week.
The scope of the cyber attack on Ukraine seems minimal
It was in a tweet published in the evening that the ministry warned that its website was unavailable due to a cyberattack. The Ukrainian services reported that ” Technical work is underway to restore the regular operation of the web portal of the Ministry of Defense of Ukraine “.
Opening of the Cyber campus in Paris: 26,000 square meters in the heart of La Défense
❗️сайт моу зазнав, ймовірно, ddos-атаки: фіксувалася надмірна кількість звернень на секунду.
Проводяться техроботи з відновлення штатного функціонування.
Комунікація через сторінки в FB та Twitter, сайти АрміяInform https://t.co/ukMW41irPW та Армія FM https://t.co/IpDnBXoMXw.— Defense of Ukraine (@DefenceU) February 15, 2022
In a more detailed Facebook post published on February 16, Ukrainian authorities explained that “ The attackers probably knew that the site was protected from classic DDoS attacks, so they managed to find vulnerable places in the code of the site itself “.
The online services of PrivatBank and Oschadbank were made inaccessible for a time, before being restored despite certain “instabilities”. That of the Ministry of Defence, which has since been restored, has remained offline for longer. The authorities justify it with an update for security reasons, in conjunction with the United States.
PrivatBank ensures that the funds of its customers have not been affected. The Ukrainian Ministry of Defense affirms for its part that “ the invaders didn’t break anything, didn’t try to download the channel or stop the provider “.
Denial of service cyberattacks are among the simplest to implement, they consist of overwhelming a request site to cause an overload and take it offline. Despite their rudimentary nature, they can be used as a diversion to introduce malware. It is impossible to say that this was the case here.
Russia as the ideal leader?
Since the announcement of the attack, all eyes have been on Russia. This operation takes place in a context of tension for several months between Russia on the one hand and Ukraine and the NATO countries on the other. 125,000 Russian soldiers have been mobilized near the Ukrainian borders.
Cyberspace plays a key role in these tensions. Ukraine has already been hit by a massive cyberattack in mid-January, knocking dozens of government agency sites offline. Authorities american and Europeans recognize, for their part, that they are preparing for potential attacks from Russia.
Officially, neither the January cyberattack on Ukrainian agencies nor the one that occurred this week was blamed on Russia. Attribution of an operation in cyberspace with a sufficient degree of certainty is always extremely complex. The possibility of action by an opportunistic or self-interested third party without being sponsored should always be borne in mind.
In recent days the trend between Ukraine and Russia has been rather one of relative calm. On February 15, Russian press agencies, relayed by The world, indicated the departure of troops from the southern and western borders of Ukraine, since the end of several army exercises in these regions. The day before, on Russian television, Vladimir Putin and his Foreign Minister Sergei Lavrov staged an exchange on diplomatic dialogue.
Tensions remain high on the Ukrainian border and uncertainty is in order. For its part, the Ukrainian Ministry of Defense says it does not want to “excessively” dramatize this latest cyberattack. He adds that he is aware that other, more serious, could occur in the future.