The Ukrainian Ministry of Foreign Affairs (MFA) has confirmed that the official Ukraine.ua website was the subject of a cyberattack.
The Ukraine.ua website was attacked on January 26. The digital portal for foreign audiences has been restored, but the Foreign Ministry said temporary issues are still possible in the near future.
The January 26 incident follows another cyber incident on the MFA website earlier this month, which saw the MFA website and other government agencies temporarily shut down.
With tensions growing between Russia and Ukraine, most suspect that these attacks are carried out by Russian actors.
Russia has previously been accused of leading cyberattacks against Ukraine’s critical infrastructure. In December 2015, a cyberattack on Ukraine’s power grid caused outages for thousands of people and was attributed to a Russian threat group called Sandworm.
In 2016, the Ukrainian power grid was subject to a cyberattack which left the northern part of Kyiv without electricity.
Some fear that with today’s heightened tensions between the two nations, we could see this type of attack again.
The site https://t.co/nMbSzZsJ2n faced a cyberattack. We continue to counter the effects of the cyberattack. MFA specialists 🇺🇦 are taking all measures to restore stable operation of https://t.co/nMbSzZsJ2n. Temporary access problems are always possible.
— MFA of Ukraine 🇺🇦 (@MFA_Ukraine) January 26, 2022
Warning of more to come
The UK’s National Cyber Security Center (NCSC) issued a statement on January 28 warning UK organizations to take action in response to the current situation in and around Ukraine.
The NCSC urges organizations to review guidance issued in response to recent malicious cyber incidents in Ukraine.
“The NCSC is committed to raising awareness of evolving cyber threats and presenting concrete steps to mitigate them. Although we are not aware of any specific cyber threats to UK organizations in relation to events in Ukraine, we are monitoring the situation closely and it is essential that organizations follow the guidelines to ensure they are resilient” , said Paul Chichester, director of operations at NCSC.
Tips include patching systems, enabling multi-factor authentication, implementing an effective incident response plan, verifying that backups are working, ensuring online defenses are working as intended, and update of the latest information on threats and mitigation measures.