The hack amounted to a simple defacement of government websites, said Oleh Derevianko, a leading private sector expert and founder of the ISSP cybersecurity firm. The hackers got into a content management system they all use.
“They didn’t get access to the websites themselves,” Derevianko said.
Derevianko said the hacker may have gained access to the hacked content management system long ago so the question to consider is the timing of the defacement and the provocative message.
“It could be just a regular information operation (seeking) to undermine the government’s capability and to create and enhance uncertainty,” added Derevianko. It could also possibly be “part of a planned hybrid attack or longer term and more sophisticated cyber operation which is underway but has not culminated.”
The main question, said Derevianko, is whether this is a standalone hacktivist action or part of a larger state-backed operation.
Tensions between Ukraine and Russia have been running high in recent months after Moscow amassed an estimated 100,000 troops near Ukraine’s border, stoking fears of an invasion. Moscow says it has no plans to attack and rejects Washington’s demand to pull back its forces, saying it has the right to deploy them wherever necessary.
The Kremlin has demanded security guarantees from the West that NATO deny membership to Ukraine and other former Soviet countries and roll back the alliance’s military deployments in Central and Eastern Europe. Washington and its allies have refused to provide such pledges, but said they are ready for the talks.
High-stakes talks this week between Moscow and the US, followed by a meeting of Russia and NATO representatives and a meeting at the Organisation for Security and Cooperation in Europe, failed to bring about any immediate progress.
NATO Secretary-General Jens Stoltenberg said on Friday that the 30-country military organisation will continue to provide “strong political and practical support” to Ukraine in light of the cyber attacks.
“In the coming days, NATO and Ukraine will sign an agreement on enhanced cyber cooperation, including Ukrainian access to NATO’s malware information sharing platform,” Stoltenberg said in a statement.
European Union foreign policy chief Josep Borrell said on Friday that the 27-nation bloc is ready to mobilise all its resources to provide technical assistance to Ukraine and help it improve its capacity to weather cyberattacks.
Borrell told a meeting of EU foreign ministers in the French port city of Brest that the bloc would mobilise its cyber rapid response teams. “We are going to mobilise all our resources to help Ukraine cope with these cyberattacks,” Borrell said. “Sadly, we expected this could happen.”
Asked who could be behind the attack, Borrell said: “I can’t point at anybody because I have no proof, but one can imagine.”
Russia has long history of launching aggressive cyber operations against Ukraine, including a hack of its voting system ahead of 2014 national elections and an assault the country’s power grid in 2015 and 2016. In 2017, Russia unleashed one of most damaging cyberattacks on record with the NotPetya virus that targeted Ukrainian businesses and caused more than $10 billion in damage globally.
Zhora has told the AP that officials are particularly concerned about Russian attacks on the power grid, rail network and central bank.
Experts have said recently that the threat of another such cyberattack is significant as it would give Russian President Vladimir Putin the ability to destabilise Ukraine and other former Soviet countries that wish to join NATO without having to commit troops.
“If you’re trying to use it as a stage and a deterrent to stop people from moving forward with NATO consideration or other things, cyber is perfect,” Tim Conway, a cybersecurity instructor at the SANS Institute, told The Associated Press in an interview last week.