DDoS attacks knock Ukrainian government, bank websites offline

Unknown attackers have mounted disruptive distributed denial-of-service (DDoS) attacks against several Ukrainian government organizations and state-owned banks on Tuesday.

The list of targets included the websites of:

• The Ministry of Defence of Ukraine
• The Armed Forces of Ukraine
• The Ukrainian Public Radio
• Privatbank
• Oschadbank

The DDoS attacks’ impact on government sites and bank services

Of these targets, only the public radio’s website remained online and available to users, bearing up against the attack.

The websites of the Ministry of Defence and the armed forces became temporarily unavailable.

“The attackers probably knew that the site was protected from classic DDoS attacks, so they resorted to finding vulnerabilities in the code of the site itself. We can state that, unfortunately, they succeeded,” the Ministry of Defence shared via their Facebook page.

“Our specialists, with the support of all entities involved in cybersecurity, have set up additional protection and some technical work to restore the normal functioning of the web portal. We were also immediately offered support by US partners, providing technical advice and additional protection services, which once again confirms the political agreements on cybersecurity cooperation reached in November 2021.”

The traffic directed at the site is now passing through an additional security service located in the United States, and access to it is again possible.

Privatbank’s and Oschadbank’s websites were inaccessible for hours on Tuesday (PrivatBank’s still is), and Privatbank’s mobile banking app and service Privat24 was affected but, according to them, the depositors’ funds are safe.

Also, in the hours before the attack, some PrivatBank customers received text messages saying that its ATMs are suffering technical malfunctions:

“Cyberpolice officers analyzed the content of text messages and found that they are not phishing, but are part of an information attack and do not correspond to reality,” the Cyberpolice Department of the National Police of Ukraine said. “[We] are currently identifying those involved in the spam.”

PrivatBank’s website is still unavailable and the use of Oschadbank’s site is limited.

The attacks in context

The attacks are believed to be a part of a larger campaign to demoralize Ukrainians, whose country is seemingly on the brink of being invaded by the Russian Federation.

The current situation on the ground is undoubtedly precarious, but the digital smokescreens and official proclamations that may or may not be factually true are making it difficult to discern what may happen next.

The worry following these DDoS attacks is that they served as a deliberate misdirection of attention, and that more serious hacking attempts happened in the background.

Ukrainian government websites have suffered defacements a month ago, followed by a campaing targeting various Ukrainian organizations with wiper malware masquerading as ransomware.