Cyber-attackers vandalize multiple Ukrainian government sites, leave threats

14 January 2022, 12:43 PM

Hackers vandalized multiple website belonging to Ukrainian government bodies and ministers overnight on Jan. 14, with the website of the Ministry of Education, the Ministry of Foreign Affairs, the Diia portal (an e-government app), and others having had their usual content replaced with a threatening message. 

The Education Ministry was the first to report the technical failure of their website, being the first to go down. The message that has replaced all other content on the site blames Ukrainians for various historical events, accompanied images of the Ukrainian emblem, flag, map and the picture of a pig, all crossed out.

Video of day

 The messages read: “Ukrainian! Your data has been leaked to the network. All the data on this computer has been destroyed and cannot be recovered.”

 “Your private data has been made public, fear and expect the worst. This is our payback for your past, present and future…” The threats also referred to controversial episodes of shared Ukrainian and Polish history.

Government officials are encouraging citizens who need to use the services provided on the vandalized sites to get in touch with them via their social media accounts.

 Ukrainian Foreign Ministry spokesperson Oleh Nikolenko wrote on his Twitter account that technical specialists had already started working on restoring web-site functionality. The Ukrainian cyber police launched an investigation into the attack.

 The spokesperson of the Ukrainian Cyberalliance, Andriy Baranovich believes that the cyberattack may have been orchestrated from Russia.

“The EXIF image coordinates indicate a parking space next to the School of Economics in Warsaw,” explained Baranovich, “However, I am certain this attack has been staged to provoke a conflict between Ukraine and Russia.”

EXIF refers to metadata that records additional information about a given image, including date of creation and geo-location. However, geo-location data is typically only recorded for photographs, as the location data itself is pulled from a mobile phone’s GPS functionality when the picture is taken. Composite images, such as the ones used to vandalize Ukrainian web-sites, would be unlikely to store such coordinates by default.

In late December, the U.S. newspaper The New York Times wrote that Russia was preparing cyberattacks, targeting the Ukrainian electric grid and government capabilities. According to the NYT, these cyberattacks were to be expected to hit right after Orthodox Christmas, the end of the last week of January.

Follow us on Twitter, Facebook and Google News

Ukraine Today
Fresh daily newsletter covering the top headlines and developments in Ukraine
Daily at 9am EST
Show more news