There are similarities between the cyberattack on Ukrainian government websites that took place on January 13-14 and the DDoS attack on websites and Ukrainian banks that began on February 15, they are traceable to foreign intelligence agencies. This was stated by the head of the cybersecurity department of the Security Service of Ukraine Ilya Vityuk at a briefing on February 16, a GORDON correspondent reports.
“As for this attack, it is too early to talk about specific perpetrators. And you know that in such crimes it is quite hard and lengthy work because of the technical barriers that characterize such crimes,” he said.
Vityuk recalled that the cost of such an attack could reach millions of dollars.
“This is so that all our viewers understand that some individual hacker or even a group of hackers cannot afford to spend such money so that in return they receive absolutely no material benefit. Such attacks always lead states through their special services or under their control the hacker sites they created criminal objects. That is, a special infrastructure is being created for such attacks. Because if today you enter the so-called black market and try to buy such a DDoS attack with such a volume of traffic, it will be impossible. You need to attach hundreds of agents to buy ready-made infrastructure for such attacks “Therefore, we clearly see the trace of foreign intelligence services here. And even today there are some signs of the similarity of the attacks yesterday and today with the attacks that took place on January 13-14. The methodology of these attacks, the method is different, but we see a certain similarity in the infrastructure used by the attackers , and preliminary today we can say that these attacks can be connected,” he said.
The head of the SBU cybersecurity department added that today “the only country that is interested in such image strikes against Ukraine, especially against the backdrop of mass panic about a possible military invasion, is the Russian Federation.”
“But this will be established as part of the investigation,” Vityuk added.
On February 15, it became known that there were failures in the operation of the banking services of PrivatBank and Oschadbank, as well as the websites of the Ministry of Defense and the Armed Forces of Ukraine. As later reported in the State Service for Special Communications, they were caused by a powerful DDoS attack. The media wrote that this DDoS attack – the most powerful of those to which Ukrainian resources were subjected.
Monobank co-founder Oleg Gorokhovsky said that almost all Ukrainian banks were attacked.
By 19.30 the work of banking services was restored, but after 20.00 the portal of public services “Diya” was attacked. Vice Prime Minister – Minister of Digital Transformation of Ukraine Mikhail Fedorov said that the attack began from Russia and China, and when it was “repulsed”, it returned from the Czech Republic and Uzbekistan. According to the Deputy Prime Minister, for users of “Dії” the attack was imperceptible.
The National Police opened criminal proceedings on the fact of DDoS attacks under Art. 361 (unauthorized intervention in the operation of automated systems) and art. 363-1 (intentional mass distribution of telecommunication messages, which led to disruption of automated systems) of the Criminal Code of Ukraine.
On February 16, the Ministry of Defense reported that the department’s website was subjected to an unprecedented DoS attack, which is still ongoing.
Kremlin speaker Dmitry Peskov said on February 16 that Russia was not involved in cyber attacks on Ukrainian resources.
Vice Prime Minister – Minister of Digital Transformation Mikhail Fedorov said at a briefing that a DDoS attack on February 15 was the largest in the history of Ukrainebut the sites quickly resumed work.
Viktor Zhora, deputy head of the State Special Communications Service, said that the attacks continue on February 16, but the situation is completely under control.
Deputy Secretary of the National Security and Defense Council Serhiy Demedyuk said that the purpose of the attack was informational and psychological and there were no financial losses.
The previous powerful cyber attack on Ukrainian sites took place a month ago, on the night of January 14th. The State Service for Special Communications stated that this attack was the most powerful in the last four years. As a result, about 70 websites of Ukrainian government agencies, both regional and national, were affected. The websites of a number of ministries, the portal of the judiciary of Ukraine, the Unified Register of Court Decisions and the website of the Supreme Court did not work.
The Ukrainian Foreign Ministry hinted at the Russian trail of hacking. The connection of the attack with Russia is also allowed at the Center for Strategic Communications under the Ministry of Culture and Information Policy. Oleksiy Danilov, Secretary of the National Security and Defense Council of Ukraine, has no doubts about the involvement of the Russian Federation in the incident. His deputy Sergei Demedyuk believes that the cyberattack may be related to the special services of Belarus.
The SBU is investigating the involvement of the Russian special services in the incident.