Several key Ukrainian websites, including those of two of the country’s largest banks and its defense ministry, were temporarily knocked offline Tuesday after an apparent cyberattack.
It was not immediately clear who was behind the attacks.
Ukraine’s Center for Strategic Communications, a government-funded organization aimed at countering disinformation, said in a Facebook post that the websites of PrivatBank and Oscadbank were knocked offline due to a distributed denial of service attack. DDoS attacks flood websites with traffic in an effort to disrupt their operations or knock them offline. The public website for the armed forces of Ukraine was also knocked offline.
The attacks corresponded with what Ukraine's Cyber Police called an “information attack,” where Ukrainian citizens received spam text messages that ATMs were down. It's not clear how many people received the texts or if the DDoS also took any Ukrainian ATMs offline.
John Hultquist, the vice president of threat intelligence at the cybersecurity company Mandiant, said that the spam texts and DDoS attacks might be a coordinated information operation to cause Ukrainians to lose faith in their financial institutions.
“We don’t know the full details of the campaign, but both incidents might be combined to suggest that the security of the financial system is in question,” Hultquist said.
Cybersecurity experts generally regard DDoS attacks as a form of online harassment, and the attacks don’t appear to have compromised any sensitive systems. They come as Russian military forces are positioned along the country’s border with Ukraine, sparking international concern about a possible war.
DDoS attacks are a common but unsophisticated tool in a hacker’s toolbox, relying on a steady torrent of automated traffic to temporarily knock a website offline. Unless paired with other hacking techniques, such attacks do not have consequences beyond website outages. Perpetrators of DDoS attacks can be difficult to trace, and the Center for Strategic Communications did not say who was responsible for Tuesday’s attacks.
Ukrainian officials raise concern over possible Russian cyberattackFeb. 15, 202204:36
But even outages can be a serious inconvenience. With PrivatBank, users couldn’t access the bank’s app and some couldn’t see their balances or recent transactions, though they did not lose funds, the center said in its announcement.
Some users were completely unable to access Privat24, and others weren’t able to see their account balance and recent transactions, it said.
The attacks began Tuesday afternoon, and banking sites had begun to resume normal service after several hours, Ukraine’s State Service of Special Communication and Information Protection said.
Sen. Jim Risch, R-Idaho, ranking member of the Senate Foreign Relations Committee, noted that Russia has often conducted cyberattacks before invading countries in the recent past.
“Every time the Russians have done this, they’ve started with a cyber attack. They did it in Georgia, they did it in Crimea, they did it in Estonia, when they didn’t even go in,” he said. “It’s in their quiver.”
CORRECTION (Feb. 15, 2022, 11:12 p.m. ET): A previous version of this article misidentified the senator who commented on previous Russian cyberattacks. It was Sen. Jim Risch, not Sen. Marco Rubio, R-Fla.