A massive cyberattack warning Ukrainians to “be afraid and expect the worst” hit government websites late on Thursday (13 January), leaving some websites inaccessible on Friday morning and prompting Kyiv to open an investigation.
Ukraine’s foreign ministry spokesperson told Reuters it was too early to say who could be behind the attack but said Russia had been behind similar strikes in the past.
The cyberattack, which hit the foreign ministry, the cabinet of ministers and the security and defence council among others, comes as Kyiv and its allies have sounded the alarm about a possible new Russian military offensive against Ukraine.
“It’s too early to draw conclusions, but there is a long record of Russian (cyber) assaults against Ukraine in the past,” the foreign ministry spokesman told Reuters.
The Russian foreign ministry did not immediately respond to a request for comment. Russia has previously denied being behind cyberattacks on Ukraine.
“Ukrainian! All your personal data was uploaded to the public network. All data on the computer is destroyed, it is impossible to restore it,” said a message visible on the hacked government websites, written in Ukrainian, Russian and Polish.
“All information about you has become public, be afraid and expect the worst. This is for your past, present and future.”
It also references historical places like Wolyn [Volhynia], where during World War II Ukrainian anti-Polish hatred culminated in massacres of Poles, implying the cyberattack is a revenge for those said crimes.
Following a flurry of inconclusive talks this week over security in Europe, the United States warned on Thursday that the threat of a Russian military invasion of Ukraine was high.
Russia said dialogue was continuing but was hitting a dead end as it tried to persuade the West to bar Ukraine from joining NATO and roll back decades of alliance expansion in Europe – demands that Washington has called “non-starters”.
Commenting on the cyberattack, a top Ukrainian security official told Reuters: “All subjects of cybersecurity were aware of such possible provocations by the Russian Federation. Therefore the response to these incidents is carried out as usual.”
The government later said it had restored most of the affected sites and that no personal data had been stolen. A number of other government websites have been suspended to prevent the attack from spreading, it said.
Relations between Ukraine and Russia collapsed after Moscow’s annexation of Crimea in 2014 and the outbreak of war between Kyiv’s forces and Russian-backed separatists in eastern Ukraine that same year.
The United States said on Thursday Russia might be trying to create a pretext to launch a new military assault on Ukraine, comparing the situation to the circumstances in 2014.
Russia warned of possible “catastrophic consequences” if there was no agreement on what the Kremlin has termed security red lines but said Moscow had not given up on diplomacy and would even accelerate it.
The Russian comments reflect a pattern of Moscow saying it wants to pursue diplomacy but rejecting calls to reverse its troop build-up near Ukraine and warning of unspecified consequences for Western security if its demands go unheeded.
Ukraine has suffered a series of cyberattacks since 2014, which have knocked out power supplies, frozen supermarket tills, and forced the authorities to prop up the hryvnia currency after banks’ IT systems crashed.
Ukraine believes the attacks are part of what it calls Russia’s “hybrid war” against Ukraine and its allies.
In 2017, a virus called NotPetya by some experts, hit Ukraine and spread around the world, paralysing thousands of machines as it spread to dozens of countries.
The Kremlin denied any involvement, rejecting “unfounded blanket accusations”.