Investigating sexual violence as war crimes — "He Came Back"
Our War Crimes Investigations Unit released its new documentary, “He Came Back”. The film is about two cases of sexual violence committed by Russian soldiers during the occupation of Kherson and Kyiv oblasts in 2022 — and the process of identifying the offenders. Watch it on our YouTube channel.
Skip to content
Edit post

Major cyberattack hits Ukrainian government websites (UPDATED)

by Anastasiia Lapatina January 14, 2022 9:07 AM 3 min read
The threatening message in Ukrainian, Russian, and Polish that appeared on the government websites targeted by a cyberattack on the night of Jan. 13-14.
This audio is created with AI assistance

Support independent journalism in Ukraine. Join us in this fight.

Become a member Support us just once

Ukraine was hit by a major cyberattack on the night of Jan. 13-14, crashing many government websites, including the Ministry of Foreign Affairs, Ministry of Veterans Affairs, State Emergency Service, Cabinet of Ministers, Ministry of Energy, and the Ministry of Education and Science.

The website of Diia, Ukraine’s e-governance website and app which allows Ukrainians to access their digital documents like passports and driving licenses, was also down on the morning of Jan. 14. The message on the website said it was under maintenance. The Diia app worked normally.

The content of the sites was not changed, and no personal data was leaked, said the State Service for Special Communications and Information Protection of Ukraine in a statement.

By 9 a.m. on Jan. 14, the targeted websites were down, but initially hackers replaced their homepages with a threatening message addressed to Ukrainians.

According to screenshots shared in the media, threats in three languages – Ukrainian, Russian, and Polish – were published on some of the government's websites.

The message claimed that the personal data of Ukrainians was "uploaded to the web" and became public, a claim that couldn't be verified.

"Be scared and expect the worst,” the message reads.

The messages, accompanied with images like a crossed-out Ukrainian flag, implied that the attack was carried out by Russia or in Russia's interests.

The government hasn’t confirmed who is behind the attack.

“Our specialists have already started restoring the work of IT systems, and the cyberpolice has opened an investigation,” tweeted Oleg Nikolenko, the spokesperson of the Ministry of Foreign Affairs.

UPDATE: The attack affected around 70 websites of central and regional authorities, Deputy Head of the State Service for Special Communications and Information Protection Viktor Zhora said during a briefing on Jan. 14.

It was one of the worst cyberattacks against Ukraine in the last four years, he added.

The official also said the agency was first notified about the attack by “information resources of another country,” but refused to state which one. He also said the attack “can be linked to the fact of constant aggression (by Russia),” but specified that it is to early to assert Moscow’s involvement due to insufficient evidence.

CMS vulnerability used?

According to Kim Zetter, an American cybersecurity reporter and expert, hackers may have targeted the websites using a vulnerability in October – a content-management system allegedly used by Ukraine’s government agencies to manage its websites. If the software isn't updated on time, it becomes prone to cyber attacks.

October is a simple software, with “very little knowledge or skill required to exploit” it, according to the CVE Details, an open security vulnerability database. The database gives October a score of 6.4 out of 10 on the Common Vulnerability Scoring System, used to rate the severity of security risks of a computer system, with 10 being the critical vulnerability level.

The Computer Emergency Response Team of Ukraine said that it "can't be ruled out" that the hackers used the October CMS.

Ukraine, Russia and cyberattacks

Earlier, Britain and the United States have sent their cyberwarfare experts to Ukraine to help the country prepare for a major cyberattack from Moscow, the New York Times reported in Dec. of 2021, citing its sources.

The article said the Kremlin’s goal would be to make Ukraine’s president, Volodymyr Zelensky, “look inept and defenseless,” according to American intelligence assessments, “and perhaps provide an excuse for an invasion”. Russia has amassed over 120,000 troops near the borders of Ukraine.

“More than 90% of all attacks coming from abroad are related to Russia and hacking groups funded by the Russian government,” said Yuri Schigol, the head of State Service for Special Communications and Information Protection of Ukraine.

The agency also said it has stopped over 1.7 million cyber attacks on Ukraine’s government institutions in the first five months of 2021.

Russia has already carried out numerous massive cyber attacks against Ukraine in the past.

In 2015, Russian hackers targeted one of Ukraine’s energy companies, leaving around 230,000 Ukrainians in the dark for up to six hours. Next year, Russia similarly attacked Kyiv, causing power outages in large parts of the capital.

The hardest hit came in 2017, when ransomware “NotPetya” spread across Ukrainian ministries, banks, and energy firms. The virus later spread to the US, Denmark, and India, but Ukraine was targeted the most.

Before you skip this banner, we want to tell you something…

The Kyiv Independent doesn’t depend on a wealthy owner or an oligarch — in 2023, 80% of our revenue was from reader contributions . It’s thanks to them that we don’t have to rely on a single owner.

Support us now and help maintain our independent model and keep our articles free for everyone. Your contributions allow us to cover journalists’ salaries, report from the front lines, and fund projects like our War Crimes Investigations Unit.

visa masterCard americanExpress

News Feed

Ukraine Daily
News from Ukraine in your inbox
Ukraine news
Please, enter correct email address
3:36 PM

Putin to visit North Korea, Vietnam this week.

Despite the increasingly strong alliance between Russia and North Korea, Russian President Vladimir Putin has not visited the country since 2000, when he met with previous North Korean leader Kim Jong-Il.
3:33 PM

Magura naval drones can now operate anti-aircraft missiles.

One of the Magura drones has already been equipped with these missiles, creating a serious challenge for the Russian Air Force operating in the region, the commander of the military intelligence Group 13 unit said in an interview with journalist Maksym Krapyvnyi.

Editors' Picks

Enter your email to subscribe
Please, enter correct email address
* indicates required
* indicates required
* indicates required
* indicates required
* indicates required


* indicates required
* indicates required


* indicates required
* indicates required


* indicates required
Successfuly subscribed
Thank you for signing up for this newsletter. We’ve sent you a confirmation email.