No fewer than 70 websites operated by the Ukrainian government went offline on Friday for hours in what appears to be a coordinated cyber attack amid heightened tensions with Russia.
“As a result of a massive cyber attack, the websites of the Ministry of Foreign Affairs and a number of other government agencies are temporarily down,” Oleg Nikolenko, MFA spokesperson, tweeted.
The Security Service of Ukraine (SSU), the country’s law-enforcement authority, alluded to a possible Russian involvement, pointing fingers at the hacker groups associated with the Russian secret services while branding the intrusions as a supply chain attack that involved hacking the “infrastructure of a commercial company that had access to the rights to manage the web resources affected by the attack.”
Prior to the update from the SSU, the Ukrainian CERT claimed that the attacks may have exploited a security vulnerability in Laravel-based October CMS (CVE-2021-32648), which could be abused by an adversary to gain access to an account using a specially crafted request.
The breach targeted a number of government websites, including those for Ukraine’s Cabinet, education, agriculture, emergency, energy, veterans affairs, and environment ministries, among others, 10 websites of which were “subjected to unauthorized interference.”
The security agency, however, stressed that the content of the sites was not altered and that no sensitive personal data was stolen.
“Provocative messages were posted on the main page of the websites,” the SSU said. “The content of the sites was not changed, and, according to preliminary information, no leakage of personal data occurred.”
This is far from the first time Russia has set its sights on Ukraine. In December 2015, a nation-state adversary tracked as Sandworm targeted the power grid, resulting in unprecedented blackouts for roughly 230,000 customers in the country.
Two years later, Ukraine was also on the receiving end of the devastating NotPetya wiper malware campaign by the Sandworm military hackers that erased confidential data from the computers of banks and energy firms.
Then in November 2021, the SSU unmasked the real identities of five Russian intelligence officers allegedly involved in over 5,000 cyberattacks attributed to a cyber-espionage group named Gamaredon aimed at public authorities and critical infrastructure located in the country.