More than a dozen Ukrainian government websites went down on Friday, in a cyber-attack that also targeted embassies.
The foreign and education ministries were among those hit, along with embassies in the UK, US and Sweden.
Before the sites went down a message appeared warning Ukrainians to “prepare for the worst”.
It was unclear who was behind the attack but a spokesman said previous cyber-attacks had come from Russia.
Russia has not yet commented. However, Ukraine’s government has come under intense pressure from its neighbour, with a build-up of some 100,000 Russian troops near its borders.
Ukraine’s SBU security service says in just nine months last year it “neutralised” 1,200 cyber-attacks or incidents.
At the start of Friday’s attack, a message on the hacked websites was posted in three languages, Ukrainian, Russian and Polish.
“Ukrainian! All your personal data has been uploaded onto the public internet,” the message read. It continued: “This is for your past, your present and your future.”
The SBU in Kyiv said later that no personal data had been leaked, according to initial assessments, and no content had been changed.
Among the sites targeted was the Diia website, a key system containing government services that stores personal vaccination data and certificates.
The European Union’s foreign policy chief, Josep Borrell, said all its resources were being mobilised to help Ukraine deal with “this type of cyber-attack”.
A number of sites were suspended to prevent the attack from spreading, the government said, while the security service said many had already been restored.
Was Russia behind it?
While the world has nervously watched Russia’s troop build-up, the cyber security community has been watching and waiting for some sort of cyber incursion.
Hybrid or asymmetric warfare is an established part of modern conflict and Russia has proved itself adept at attacking the cyber realm as well as the physical.
During its 2008 invasion of Georgia, government websites were forced offline by attacks from Russia. And when it seized and annexed Crimea from Ukraine in 2014, Russia was accused of launching an assortment of cyber-attacks to destabilise communications and spread confusion whilst troops overran the region.
This latest attack on Ukrainian websites is consistent with previous events, but it’s also odd.
Threats of deleting personal data are likely hollow, as no data would have been compromised by attacks on public-facing websites.
Instead of a Kremlin-ordered cyber offensive this strikes me as more of a co-ordinated attack by patriotic Russian hackers. The Kremlin may not have ordered it but it certainly won’t turn down any efforts to further wobble Ukraine at this extremely tense time.
