Ukraine on January 16 said it had evidence that Russia was behind a massive cyberattack that knocked out key government websites last week, as Microsoft warned the hack could be far worse than first thought.

Tensions are at an all-time high between Ukraine and Russia, which Kyiv accuses of having massed troops on its border ahead of a possible invasion.

On January 14, Washington also accused Russia of sending saboteurs trained in explosives to stage an incident that could be the pretext to invade its pro-Western neighbour.

“All the evidence points to Russia being behind the cyberattack,” the Ukrainian digital transformation ministry said in a statement.

“Moscow is continuing to wage a hybrid war.”

The purpose of the attack, said the ministry, “is not only to intimidate society, but to also destabilise the situation in Ukraine, halting the work of the public sector and crushing Ukrainians’ trust in the authorities”.

The Kremlin has insisted there was no evidence Russia was behind the attack.

“We have nothing to do with it,” President Vladimir Putin’s spokesman Dmitry Peskov told CNN. “Ukrainians are blaming everything on Russia, even their bad weather in their country,” he said in English.

Kyiv said late on January 14 that it had uncovered the first indications that Russian security services could have been behind the cyberattack.

Ukraine’s SBU security service said the attacks, in the early hours of January 14, had targeted a total of 70 government websites.

The website of the foreign ministry for a time displayed a message in Ukrainian, Russian and Polish that read: “Be afraid and expect the worst.”

Within hours of the breach, the security service said access to most affected sites had been restored and that the fallout was minimal.

But Microsoft warned on January 16 that the cyberattack could prove destructive and affect more organisations than initially feared.

The US software giant said it was continuing to analyse the malware and warned it could render government digital infrastructure inoperable.

“The malware, which is designed to look like ransomware but lacking a ransom recovery mechanism, is intended to be destructive and designed to render targeted devices inoperable rather than to obtain a ransom,” Microsoft said in a blog post.

The number of affected organisations could be larger than initially thought, Microsoft warned.

But Rick Holland, Chief Information Security Officer at San Francisco-based Digital Shadows, said this kind of attack was part of the Russian playbook.

“Whether Russia encourages other actors or directs cyber operations themselves, Russia seeks to disrupt government and private institutions of their geopolitical opponents.”

John Bambenek, of US cybersecurity firm Netenrich, said: “Recovery depends on each entity, but Ukraine has a long history of responding to and recovering from sabotage attacks from Russia.”

Russia has amassed tanks, artillery and tens of thousands of troops near the border of Ukraine and demanded guarantees that its neighbour will never join NATO.

Senior Russian and Western officials held three rounds of talks in Geneva, Brussels and Vienna without achieving a breakthrough.

By the end of the week, Washington warned that Moscow could stage a false flag operation within weeks to precipitate an invasion.