Ukraine Says ‘Massive’ Cyberattack Has Russian Fingerprints

January 14, 2022Nolan Peterson
Ukraine Russian cyberattack

Members of the Ukrainian Army’s 93rd Mechanized Brigade on operations in February 2021. Photo by Armed Forces of Ukraine.

KYIV, Ukraine — Ukrainian officials have said Russia is likely to blame for a massive cyberattack that struck multiple government websites in the early morning hours of Friday, Jan. 14.

“This is not the first time or even the second time that Ukrainian internet resources have been attacked by Russian military aggression,” the Ministry of Culture and Information Policy of Ukraine said in a Friday release. “The purpose of such attacks is to destabilize the internal situation in the country, as well as to sow chaos and despair in society.”

Oleg Nikolenko, spokesperson for the Ministry of Foreign Affairs of Ukraine, described the cyberattack as “massive” in a message posted to Twitter on Friday.

Beginning 4 a.m. Friday, a barrage of cyberattacks temporarily disabled the websites of Ukraine’s Ministry of Foreign Affairs and several other government agencies. The hackers left behind messages warning Ukrainians to “be afraid and expect the worst.”

Other Ukrainian government websites targeted in Friday’s hack include: the State Emergency Service, the Ministry of Education, the Ministry of Sport, the Ministry of Energy, and the Ministry of Agrarian Policy. According to Ukraine’s information ministry, no personal data was compromised in the breach. Although an investigation is ongoing, Ukrainian officials say the available evidence suggests that Russia was behind the cyberattack.

Friday’s cyberattacks come at a time of extraordinary tensions. More than 100,000 Russian troops are currently massed on Ukraine’s borders. And with more soldiers and equipment currently streaming in from Russia’s eastern regions, many experts warn that a major Russian offensive in the coming weeks is looking more likely.

While Friday’s cyberattack suggests an overall uptick in Russian scare tactics, cyberwarfare activities intended to support kinetic military operations will be far more punishing, said Richard Stiennon, chief research analyst at IT-Harvest, a US-based cybersecurity firm.

“Defacing government websites is more a tactic of intimidation,” Stiennon told Coffee or Die Magazine. “The actual precursor to an armed invasion will be cyberattacks against the power grid, communications systems, GPS sensors, and radar systems. Because these are acts of war, the warning will be short, less than a day.”

According to Kyiv, Friday’s cyberattack was linked to Russia’s recent military buildup on Ukraine’s border, as well as recent demands by Moscow that NATO make legal guarantees to never admit Ukraine as a member of the Western alliance.

Ukraine soldiers
Ukrainian military forces return from the Donbas front lines in August 2014. Photo by Nolan Peterson.

During Friday’s breaches, the Ukrainian foreign affairs ministry website was replaced by a static screen of text in Russian, Ukrainian, and grammatically flawed Polish, referencing historical enmities between Ukraine and Poland.

“Ukrainian! All your personal data was uploaded to the public network. All data on the computer is destroyed, it is impossible to restore it,” the hackers wrote, adding: “This is for your past, present and future […] and for historical lands.”

Ukrainian officials said the hackers’ message was apparently intended to drive a wedge between Ukraine and its NATO partners — Poland, in particular.

“Russia and its proxies have been working for a long time to quarrel between two friendly neighbors,” Ukraine’s information ministry announced Friday. “After all, the past of Polish-Ukrainian relations is a sensitive topic.”

For its part, NATO immediately condemned Friday’s cyberattack and pledged tighter security cooperation with Ukraine.

“In the coming days, NATO and Ukraine will sign an agreement on enhanced cyber cooperation, including Ukrainian access to NATO’s malware information sharing platform,” NATO Secretary General Jens Stoltenberg said Friday.

“NATO’s strong political and practical support for Ukraine will continue,” Stoltenberg said.

A series of meetings this week between Russian officials and representatives from the US, NATO, and the Organization for Security and Cooperation in Europe failed to defuse the current Ukraine border tensions. Should Russia strike Ukraine, many experts predict the operation would be a multidomain military offensive, involving air, ground, and naval forces — as well as cyberattacks and information warfare actions.

“I do not think anything in cyberspace could be decisive, but cyber operations are now an essential part of peacetime intelligence collection and kinetic military operations,” Kenneth Geers, a Cyber Statecraft Initiative senior fellow at the Atlantic Council, told Coffee or Die.

Russian cyberattack warning
A screenshot of the Ukraine Ministry of Foreign Affairs Website early Friday, Jan. 14, 2022, with a message in Russian, Ukrainian, and Polish.

In 2014, Russia seized Ukraine’s Crimean Peninsula and launched an unconventional invasion of Ukraine’s eastern Donbas region. After nearly eight years, the war in the Donbas is ongoing along a static, entrenched front line.

Since 2014, Russia has effectively used Ukraine as a testing ground for its contemporary cyberwarfare tactics and technologies. Russia has combined the use of conventional military force with cyberattacks and propaganda, both on the battlefield and deep behind the front lines, to spread chaos and confusion.

As air power did after World War I, Russia’s cyberwar against Ukraine has redefined the boundaries of the modern battlefield. Over the years, Russian cyberattacks have hit Ukraine’s water supply systems, the country’s banking system (shutting down ATMs), its largest international airport, and the electoral process. In December 2016, a cyberattack, which Ukrainian officials attributed to Russia, took down one-fifth of Kyiv’s electrical grid.

Ukraine winter warfare
A Ukrainian tank operating in the country’s severe winter conditions in December 2018. Photo by Ministry of Defense of Ukraine.

Russia has also used cyberwarfare as a tactical tool on the battlefield.

During the 2015 battle for Debaltseve in eastern Ukraine, Russian military forces reportedly took over the surrounding cellular network with mobile jamming stations and sent threatening SMS messages to Ukrainian troops. Over the intervening years, Ukrainian soldiers at other locations — both on the Donbas front lines and near Crimea — have reported receiving similar text messages from their Russian adversaries.

Since 2014, Ukrainian security services have thwarted numerous cyberattacks in which malware from abroad was used in attempts to steal classified information from Ukrainian government networks. Since 2014 Ukraine has established a Situation Center for Cybersecurity, and Ukrainian officials have fostered closer ties to Western intelligence agencies.

“Both sides are vulnerable, and Russia will keep that in mind,” Geers said.

Read Next: ‘Emergency Suitcases’ and Mass Evacuation Plans: Ukraine Preps for Worst-Case Russian Attack

Nolan Peterson
Nolan Peterson
Nolan Peterson is a senior editor for Coffee or Die Magazine and the author of Why Soldiers Miss War. A former US Air Force special operations pilot and a veteran of the wars in Afghanistan and Iraq, Nolan is now a conflict journalist and author whose adventures have taken him to all seven continents. In addition to his memoirs, Nolan has published two fiction collections. He lives in Kyiv, Ukraine, with his wife, Lilya.
More from Coffee or Die Magazine
Coffee Or Die Photo
From the Team Room to Team Room Design: An Operator’s Creative Journey

BRCC partners with Team Room Design for an exclusive T-shirt release!

Coffee Or Die Photo
Get Your Viking On: The Exclusive 30 Sec Out BRCC Shirt Club Design

Thirty Seconds Out has partnered with BRCC for an exclusive shirt design invoking the God of Winter.

Grizzly Forge BRCC shirt
Limited Edition: Grizzly Forge Blades on an Awesome BRCC Shirt

Lucas O'Hara of Grizzly Forge has teamed up with BRCC for a badass, exclusive Shirt Club T-shirt design featuring his most popular knife and tiomahawk.

BRCC Limited Edition Josh Raulerson Blackbeard Skull Shirt
From Naval Service to Creative Canvas: BRCC Veteran Artist Josh Raulerson

Coffee or Die sits down with one of the graphic designers behind Black Rifle Coffee's signature look and vibe.

Medal of Honor is held up.
Biden Will Award Medal of Honor to Army Helicopter Pilot Who Rescued Soldiers in Vietnam Firefight

Biden will award the Medal of Honor to a Vietnam War Army helicopter pilot who risked his life to save a reconnaissance team from almost certain death.

dear jack mandaville
Dear Jack: Which Historic Battle Would You Want To Witness?

Ever wonder how much Jack Mandaville would f*ck sh*t up if he went back in time? The American Revolution didn't even see him coming.

west point time capsule
West Point Time Capsule Yields Centuries-Old Coins

A nearly 200-year-old West Point time capsule that at first appeared to yield little more than dust contains hidden treasure, the US Military Academy said.

  • About Us
  • Privacy Policy
  • Careers
Contact Us
Contact Us
© 2024 Coffee or Die Magazine. All Rights Reserved