ANOTHER CYBERATTACK HITS KYIV — Ukrainian government and banking websites again came under attack today, with Ukrainian officials confirming that the Distributed Denial of Service attack had been used to take the websites offline for the second time in a week. But the Ukrainian government had clearly learned lessons from last week's attacks, along with attacks in 2015 and 2016 by Russian hackers that temporarily turned off the lights in parts of the country — lessons they may need with the threat of Russian cyber actions still high. The nature of the attacks might sound familiar: The incidents were similar in scope, with the Ministry of Foreign Affairs and the Security Service of Ukraine's websites temporarily going down along with those of PrivatBank and OschadBank. Ukrainian Deputy Prime Minister Mykhailo Federov confirmed the DDoS attack in a Telegram post this morning. Federov stated that the attack was quickly overcome and websites restored to normal operations, and within an hour, Ukraine's State Service of Special Communications and Information Protection put out a statement acknowledging the attack. The agency stated that the Ukrainian government is "working on countering the attacks, collecting and analyzing information," and urged all victims of the DDoS attacks to contact Ukraine's Computer Emergency Readiness Team. Senate Intelligence Chair Mark Warner (D-Va.) said in an interview with Nightly that the quick response was "a good sign" for where Ukraine's cyber capabilities stand. "Even a week or 10 days ago, I was still concerned that American and Western assistance to the Ukrainian governmental and private sector in cyber was still not being fully received. I think it's gotten better," Warner said. "I don't know specifics, but I think they clearly started to utilize some of those, because they've been able to get a lot of these, from the private sector at least, operations back up and operating quickly within hours." DDoS attacks are notoriously hard to definitively link to specific attackers due to their size and scale, as they involve the attacker overwhelming a network with traffic until it crashes. Despite this difficulty, the Biden administration and the United Kingdom both formally attributed last week's DDoS attacks on Ukrainian websites within days to the Russian government, part of a strategy to call out Russia for its malicious actions in cyberspace. And for Kyiv's part, a government statement today said such attacks "no longer even require detailed technical attribution," naming the source only as "connected with the secret services of the aggressor country." "Russia likes to move in the shadows, and counts on a long process of attribution so it can continue its malicious behavior against Ukraine in cyberspace, including prepositioning for its potential invasion," Anne Neuberger, the deputy national security adviser for cyber and emerging technology, told reporters last week at the White House. "In light of that, we are moving quickly to attribute the DDoS attacks." But even if Ukraine managed to get its systems back up and running quickly today, it is already facing further probing. Symantec Threat Intelligence and ESET Research both announced they had found evidence of destructive malware wipers in Ukrainian systems this afternoon that could be used to disrupt operations in the country. "According to Symantec Threat Hunter telemetry, they have discovered new wiper attacks in Ukraine," said Vikram Thakur, technical director at Symantec Threat Intelligence, a division of Broadcom Software. "We know of at least two organizations who have been targeted." The Biden administration made clear that it stood ready to help Ukraine face these potential further attacks. "We are in communication with Ukraine regarding their cyber related needs, including as recently as today," a White House spokesperson said. "We will move with urgency to assess the nature and extent of this incident, and continue to help Ukraine recover and expose those responsible. We are tracking developments closely and are prepared to respond with resolve to any further Russian escalation in Ukraine." Welcome to POLITICO Nightly. Reach out with news, tips and ideas at nightly@politico.com. Or contact tonight's author at mmiller@politico.com, or on Twitter at @magmill95.
|
No comments:
Post a Comment