Three years of reporting, funded by our readers — become a member now and help us prepare for 2025.
Goal: 1,000 new members for our birthday. Gift a membership to your friend and help us prepare for what 2025 might bring.
Become a member Gift membership
Skip to content
Edit post

Major cyberattack hits Ukrainian government websites (UPDATED)

by Anastasiia Lapatina January 14, 2022 9:07 AM 3 min read
The threatening message in Ukrainian, Russian, and Polish that appeared on the government websites targeted by a cyberattack on the night of Jan. 13-14.
This audio is created with AI assistance

Ukraine was hit by a major cyberattack on the night of Jan. 13-14, crashing many government websites, including the Ministry of Foreign Affairs, Ministry of Veterans Affairs, State Emergency Service, Cabinet of Ministers, Ministry of Energy, and the Ministry of Education and Science.

The website of Diia, Ukraine’s e-governance website and app which allows Ukrainians to access their digital documents like passports and driving licenses, was also down on the morning of Jan. 14. The message on the website said it was under maintenance. The Diia app worked normally.

The content of the sites was not changed, and no personal data was leaked, said the State Service for Special Communications and Information Protection of Ukraine in a statement.

By 9 a.m. on Jan. 14, the targeted websites were down, but initially hackers replaced their homepages with a threatening message addressed to Ukrainians.

According to screenshots shared in the media, threats in three languages – Ukrainian, Russian, and Polish – were published on some of the government's websites.

The message claimed that the personal data of Ukrainians was "uploaded to the web" and became public, a claim that couldn't be verified.

"Be scared and expect the worst,” the message reads.

The messages, accompanied with images like a crossed-out Ukrainian flag, implied that the attack was carried out by Russia or in Russia's interests.

The government hasn’t confirmed who is behind the attack.

“Our specialists have already started restoring the work of IT systems, and the cyberpolice has opened an investigation,” tweeted Oleg Nikolenko, the spokesperson of the Ministry of Foreign Affairs.

UPDATE: The attack affected around 70 websites of central and regional authorities, Deputy Head of the State Service for Special Communications and Information Protection Viktor Zhora said during a briefing on Jan. 14.

It was one of the worst cyberattacks against Ukraine in the last four years, he added.

The official also said the agency was first notified about the attack by “information resources of another country,” but refused to state which one. He also said the attack “can be linked to the fact of constant aggression (by Russia),” but specified that it is to early to assert Moscow’s involvement due to insufficient evidence.

CMS vulnerability used?

According to Kim Zetter, an American cybersecurity reporter and expert, hackers may have targeted the websites using a vulnerability in October – a content-management system allegedly used by Ukraine’s government agencies to manage its websites. If the software isn't updated on time, it becomes prone to cyber attacks.

October is a simple software, with “very little knowledge or skill required to exploit” it, according to the CVE Details, an open security vulnerability database. The database gives October a score of 6.4 out of 10 on the Common Vulnerability Scoring System, used to rate the severity of security risks of a computer system, with 10 being the critical vulnerability level.

The Computer Emergency Response Team of Ukraine said that it "can't be ruled out" that the hackers used the October CMS.

Ukraine, Russia and cyberattacks

Earlier, Britain and the United States have sent their cyberwarfare experts to Ukraine to help the country prepare for a major cyberattack from Moscow, the New York Times reported in Dec. of 2021, citing its sources.

The article said the Kremlin’s goal would be to make Ukraine’s president, Volodymyr Zelensky, “look inept and defenseless,” according to American intelligence assessments, “and perhaps provide an excuse for an invasion”. Russia has amassed over 120,000 troops near the borders of Ukraine.

“More than 90% of all attacks coming from abroad are related to Russia and hacking groups funded by the Russian government,” said Yuri Schigol, the head of State Service for Special Communications and Information Protection of Ukraine.

The agency also said it has stopped over 1.7 million cyber attacks on Ukraine’s government institutions in the first five months of 2021.

Russia has already carried out numerous massive cyber attacks against Ukraine in the past.

In 2015, Russian hackers targeted one of Ukraine’s energy companies, leaving around 230,000 Ukrainians in the dark for up to six hours. Next year, Russia similarly attacked Kyiv, causing power outages in large parts of the capital.

The hardest hit came in 2017, when ransomware “NotPetya” spread across Ukrainian ministries, banks, and energy firms. The virus later spread to the US, Denmark, and India, but Ukraine was targeted the most.

Three years of reporting, funded by our readers.
Millions read the Kyiv Independent, but only one in 10,000 readers makes a financial contribution. Thanks to our community we've been able to keep our reporting free and accessible to everyone. For our third birthday, we're looking for 1,000 new members to help fund our mission and to help us prepare for what 2025 might bring.
Three years. Millions of readers. All thanks to 12,000 supporters.
It’s thanks to readers like you that we can celebrate another birthday this November. We’re looking for another 1,000 members to help fund our mission, keep our journalism accessible for all, and prepare for whatever 2025 might bring. Consider gifting a membership today or help us spread the word.
Help us get 1,000 new members!
Become a member Gift membership
visa masterCard americanExpress

News Feed

5:29 PM

Zelensky marks Holodomor Remembrance Day.

"They wanted to destroy us. To kill us. To subjugate us. They failed. They wanted to hide the truth and silence the terrible crimes forever. They failed," Zelensky wrote on X, formerly known as Twitter.
5:50 AM

Crimean Tatar editor goes missing in occupied Crimea.

Ediye Muslimova, the editor-in-chief of a Crimean Tatar children's magazine, disappeared in Russian-occupied Crimea on Nov. 21. Local sources say she was forced into a vehicle by three men and is being detained by the Russian FSB.
MORE NEWS

Editors' Picks

Enter your email to subscribe
Please, enter correct email address
Subscribe
* indicates required
* indicates required
Subscribe
* indicates required
* indicates required
Subscribe
* indicates required
Subscribe
* indicates required
Subscribe
* indicates required

Subscribe

* indicates required
Subscribe
* indicates required
Subscribe
* indicates required
Explaining Ukraine with Kate Tsurkan
* indicates required
Successfuly subscribed
Thank you for signing up for this newsletter. We’ve sent you a confirmation email.