Government and embassy websites in Ukraine have been hit with a large-scale cyber-attack
Over a dozen Ukrainian government websites have been down since Friday, following a cyber-attack that also targeted the embassies. Among the embassies impacted were the UK, US and Sweden, as well as the foreign and education ministries. It is still unclear who is behind the attack. Before the website went down a message appeared on the screens of those affected with a warning that said “prepare for the worst.” A spokesperson has said previous cyber-attacks had originated from Russia, who has not yet provided a comment.
It has been confirmed that as of now no personal data has been leaked, and no content has been changed. Foreign policy chief, Josep Borrell has stated that the EU’s resources are all going toward helping Ukraine deal with this incident.
George Papamargaritis, MSS Director, Obrela Security Industries said that: “currently, it is unclear who is responsible for the attacks, but caution has to be taken when attributing cyber-attacks to a specific country or group operation. A hasty attempt at identification could lead to false attributions of responsibility. Cyber attacks are highly decentralized and in most cases, the actors utilise multiple levels of cross-country access to hide their origin, identity and intent. This is especially true in cyber attacks that affect the integrity and confidentiality of systems and data, attacks that are often carried out by highly sophisticated adversary groups. These adversaries follow a chain of command which crosses country restrictions and may involve multi-national groups with varying levels of knowledge related to the mission objectives. Revealing the originating actors is achieved through cross-country investigation and co-operation, which is crucial as a chain of custody. As such, any actions made in response to a low-confidence attribution of responsibility should be carefully considered, even if the intent is to demonstrate readiness.”
Javvad Malik, lead security awareness advocate at KnowBe4 also commented on the incident: “These attacks show signs of being a coordinated state-backed operation. It highlights the importance for all organizations and countries to take cyber security seriously and invest in the appropriate controls to help prevent, detect, and respond to any attacks. Many times, state-backed actors will also use standard attack methods such as social engineering, taking advantage of unpatched software, or weak credentials. Detection controls could have also helped spot data being inappropriately accessed and exfiltrated. In today’s day and age, protecting data isn’t just about protecting data, but it’s about protecting people.” Read more: https://bit.ly/326fnB3