Ukraine has ‘evidence’ that Russia was behind cyberattack

The attacks in the early hours of Friday had targeted a total of 70 government websites.


Ukraine said Sunday it had “evidence” Russia was behind a massive cyberattack that knocked out key government websites this past week, while Microsoft warned the hack could be far worse than first thought.

Tensions are at an all-time high between Ukraine and Russia, which Kyiv accuses of having massed troops on its border ahead of a possible invasion.

Some analysts fear the cyberattack could be the prelude to a military attack. 

On Friday, Washington also accused Russia of sending saboteurs trained in explosives to stage an incident that could be the pretext to invade its pro-Western neighbour. 

“All the evidence points to Russia being behind the cyberattack,” the Ukrainian digital transformation ministry said in a statement.

“Moscow is continuing to wage a hybrid war.”

The ministry urged Ukrainians not to panic, saying their personal information was protected. 

The purpose of the attack, it added, “is not only to intimidate society. But to also destabilise the situation in Ukraine, halting the work of the public sector and crushing Ukrainians’ trust in the authorities”.

The Kremlin rejected the claims and said there was no evidence Russia was behind the attack.

“We have nothing to do with it. Russia has nothing to do with these cyberattacks,” President Vladimir Putin’s spokesman, Dmitry Peskov, told CNN.

“Ukrainians are blaming everything on Russia, even their bad weather in their country,” he said in English.

Kyiv said late Friday it had uncovered preliminary clues Russian security services could have been behind the cyberattack.

The SBU security service said the attacks in the early hours of Friday had targeted a total of 70 government websites.

– Microsoft warning – 

Microsoft warned Sunday that the cyberattack could prove destructive and affect more organisations than initially feared.

The US software giant said it continued to analyse the malware and warned it could render government digital infrastructure inoperable.

“The malware, which is designed to look like ransomware but lacking a ransom recovery mechanism, is intended to be destructive and designed to render targeted devices inoperable rather than to obtain a ransom,” the US software giant said in a blog post.

Microsoft said it had not so far identified a culprit behind the attacks but warned that the number of affected organisations could prove larger than initially thought. 

“Our investigation teams have identified the malware on dozens of impacted systems and that number could grow as our investigation continues,” Microsoft said.

“These systems span multiple government, non-profit, and information technology organisations, all based in Ukraine.

“We do not know the current stage of this attacker’s operational cycle or how many other victim organisations may exist in Ukraine or other geographic locations.”

Read more on these topics

Cybercrime Russia

For more news your way

Download our app and read this and other great stories on the move. Available for Android and iOS.