US, UK blame Russia for cyberattacks targeting Ukraine
White House’s chief cyber official says this week’s DDoS attacks had ‘limited impact’ but Moscow may be laying the groundwork for more destructive cyber incursions
The White House blamed Russia on Friday for recent cyberattacks targeting Ukraine’s defense ministry and major banks.
The announcement from Anne Neuberger, the White House’s chief cyber official, was the most pointed attribution of responsibility for cyberattacks that unfolded as tensions escalate between Russia and Ukraine.
The attacks this week, which knocked two major banks and government websites offline, were of “limited impact” since Ukrainian officials were able to quickly get their systems back up and running, but it is possible that the Russians were laying the groundwork for more destructive ones, Neuberger said.
She said the US had rapidly linked the attacks to Russia and was publicly blaming the Kremlin because of a need to “call out the behavior quickly.” She said there was no intelligence indicating that the US would be targeted by a cyberattack.
Ukrainian officials called Tuesday’s distributed denial of service attacks the worst in the country’s history. But while they definitely disrupted online banking, impeded some government-to-public communications and were clearly intended to cause panic, they were not particularly serious by global or historic standards, said Roland Dobbins, the top engineer for DDoS at the cybersecurity firm Netscout.
“Most DDoS attacks succeed due to the lack of preparation on the part of the defenders,” said Dobbins, adding that most commercial mitigation services designed to counter such attacks would likely have been able to fend off Tuesday’s attacks.
The British government on Friday accused Russian intelligence of involvement in the cyberattack.
Kyiv had earlier suggested the attack came from Russia as fears persist that Moscow is planning to invade its Western-backed neighbor Ukraine.
“The government today attributed the distributed denial of service (DDoS) attacks against the Ukrainian banking sector on 15 and 16 February 2022 to have involved the Russian Main Intelligence Directorate,” Britain’s foreign ministry said in a statement.
“The decision to publicly attribute this incident underlines the fact that the UK and its allies will not tolerate malicious cyber activity.”
The affected sites included the Oschadbank state savings bank and Privat — two of the country’s largest financial institutions, as well as the defense ministry.
Both bank sites resumed service later on Tuesday, but the military sites remained inaccessible hours after the initial reports of the attack emerged.
Ukraine’s communications watchdog pointed the finger at Moscow.
“It cannot be excluded that the aggressor is resorting to dirty tricks,” Ukraine’s cyber watchdog said in reference to Russia.
Tuesday’s cyberattack came one month after another strike briefly took down key government websites.