A high-volume cyberattack that temporarily blocked access to the websites of Ukrainian defense agencies and banks on Tuesday was “the biggest [such attack] in the history of Ukraine,” but it is too early to say who was responsible, Ukrainian Minister of Digital Transformation Mykhailo Fedorov said at a press conference on Wednesday.
The so-called distributed denial-of-service (DDoS) attack — which strangled Ukrainian websites with bogus traffic — was coordinated and well-planned, officials said. DDoS attacks often disrupt access to computer systems, but their impact can be more psychological than having a direct effect on a country’s critical infrastructure.
After being down for part of the day on Tuesday, the websites of Ukraine’s Ministry of Defense and Armed Forces, and those of two major banks, were back on Wednesday, according to CNN reporters in Ukraine. The DDoS attack, however, is still ongoing, Ukrainian officials said.
The incident comes as Russia has massed about 150,000 troops near the Ukrainian border, according to US President Biden, and US officials are warning that another Russian invasion could come at any moment. Russia has denied plans to invade Ukraine.
The US government is investigating the cyberattack on Ukrainian websites, a senior State Department official said on Wednesday, while suggesting that Russia has a history of carrying out such hacks.
“But who is the best in this field, who uses this weapon all over the world? Obviously the Kremlin,” Political Affairs Undersecretary Victoria Nuland said on “CBS Mornings.”
“While we are still investigating and doing forensics with the Ukrainians, I think the most important thing is that these cyberattacks have not been very successful,” Nuland said.
She thanked Ukrainian officials for responding quickly and helping the websites recover.
Internet traffic hitting Ukrainian websites during the DDoS attack was “three orders of magnitude higher than regularly observed traffic”, according to data collected by cybersecurity firm CrowdStrike.
Ninety-nine percent of the traffic involved some type of digital request to computer servers, “indicating that attackers were trying to overwhelm Ukrainian servers,” said Adam Meyers, senior vice president of intelligence at the security firm. CrowdStrike cybersecurity technology.
A Ukrainian intelligence report recently obtained by CNN highlighted Russian efforts to destabilize “Ukraine’s internal situation using economic, energy, information, cyber, social, ethnic and other tools.”
Ukraine has blamed Russia and Belarus for a separate cyberattack that hit government websites last month. “Following a massive hacker attack on the night of January 14, 2022, the Ukrainian government web pages” have been shut down. The attacks were carried out by a group affiliated with Russian and Belarusian special services,” the Ukrainian intelligence report said.
Similarities in the infrastructure used in Tuesday’s DDoS attack and that of last month suggest the incidents could be linked, Ukrainian officials said Wednesday.
CNN’s Jennifer Hansler and Kylie Atwood contributed to this post.