The government of Ukraine on Sunday formally accused Russia of masterminding the attacks that targeted websites of public institutions and government agencies this past week.
“All the evidence points to the fact that Russia is behind the cyber attack,” the Ministry of Digital Transformation said in a statement. “Moscow continues to wage a hybrid war and is actively building forces in the information and cyberspace.”
The purpose of the attack, said the ministry, “is not only to intimidate society,” but to also “destabilize the situation in Ukraine by stopping the work of the public sector and undermining the confidence in the government on the part of Ukrainians.”
Russia, however, has denied it was behind the intrusion. “We have nothing to do with it, and Russia has nothing to do with these cyberattacks,” Dmitry Peskov, press secretary for President Vladimir Putin, told CNN, adding “We are nearly accustomed to the fact that Ukrainians are blaming everything on Russia, even their bad weather.”
The disclosure comes as scores of Ukrainian government websites were vandalized on Friday with an ominous message threatening its citizens to “be afraid and expect the worst” and alleging their personal information had been hacked.
According to the Security Service of Ukraine (SSU), the attack is believed to have been carried out after the malicious actors gained access to the infrastructure of a private company that had the rights to manage some of the affected websites.
Separately, Microsoft warned of destructive data-wiping malware disguised as ransomware being used in attacks against multiple organizations in Ukraine. The company, which is calling this new malware family WhisperGate, attributed it to a threat cluster it’s tracking as DEV-0586.
You may also enjoy reading, The definitions of “recently” and “discovered” leave a lot to be desired
Highly related, Ukraine: Wiper malware masquerading as ransomware hits government organizations
Stay informed with the latest Cybersecurity trends, threats and analysis. Sign up to the realinfosec weekly cybersecurity newsletter today.