Massive cyber attack hits Ukrainian e-services

On 25 January, cyberattacks targeted Ukrainian e-services including national gas supplier Naftogaz, postal service Ukrposhta, and Shliakh border crossing system.

byYuri Zoria

25/01/2024

4 minute read

Credit: Freepik

Massive cyber attack hits Ukrainian e-services

On the morning of 25 January, a cyber attack made at least three major Ukrainian e-services temporarily inaccessible, according to Liga. Those affected were the Shliakh information system allowing the male civil volunteers to cross the border, and the online client services of Naftogaz oil and gas company and the Ukrposhta national postal operator. The Russian invasion of Ukraine represents the first modern war with a major cyber warfare component, blending traditional trench warfare akin to early 20th-century conflicts with a highly innovative struggle for cyber dominance. Both Russia and Ukraine conduct cyber attacks on each other's IT systems.

Gas supplier Naftogaz announced the ongoing attack around 10:20 without specifying a timeline for the restoration of its e-services:

"A large-scale cyberattack on one of the data centers used by our companies has been recorded. The websites and call center are down," Naftogaz said in a statement addressed to its customers and the customers and the customers of its subsidiary, Gas Distribution Networks of Ukraine.

On the same morning, the State Service of Ukraine for Transport Safety (Ukrtransbezpeka) also experienced access issues, as reported by its press service. They stated, "Access to the Shliakh system and the official website of Ukrtransbezpeka is temporarily unavailable due to a data center technical failure." The agency anticipates resuming operations soon. Ukraine's national postal service Ukrposhta reported a significant technical failure in its IT systems, affecting its online and offline services:

"Our specialists are actively working to fix the problem and restore full operations, but it may take some time. The offices are now able to issue parcels and accept payments. Other services will resume later," the company said in a statement.

Ukrposhta did not specify if the failure was due to a cyber attack. Liga notes that there are also reports that the website of the state Russian-language TV channel FreeDom experienced issues and has not been updated since yesterday.

War in cyber domain

According to government data, Ukraine recorded nearly 4,000 cyber incidents from January 2022 to September 2023, with most coming from Russia. In October 2023, Ukrainian cybersecurity chief Victor Zhora stated that Ukraine encounters an average of ten major cyber incidents weekly. In September 2023, Estonian Prime Minister Kaja Kallas urged the international community to recognize cyberspace as a critical battlefield in the ongoing war between Russia and Ukraine. These are the examples of Russia's latest known cyberattacks against Ukraine:

A few days ago, external interference with the Lvivteploenergo utility company's e-systems left the southeastern part of Lviv City without heating.
On 19 January, Ukraine's Monobank suffered a disruption in its operations due to a powerful DDoS attack.
On 12 December 2023, Ukraine's top-3 telecom operator, Kyivstar, experienced a major outage, with its subscribers losing mobile and internet connectivity across the country for days after what the company's CEO Oleksandr Komarov referred to as "the world's largest hacker attack on telecom infrastructure."

In turn, the Ukrainian hackers reportedly left part of Moscow without Internet access, targeted a Russian water supply company, stole technical documentation on some 500 Russian defense facilities, and wiped out databases of Russia's taxation service and largest enterprise management system over the last month. On 24 January, Danish Defense Minister Troels Lund Poulsen announced the new $13.2 million donation for Ukraine as “an important contribution to the long-term support for the strengthening of Ukraine’s cyber defense,” with Denmark being an active member of the international Ukraine Defense Contact Group's IT Coalition, an initiative spearheaded by Estonia and Luxembourg since September 2023 to enhance Kyiv’s cybersecurity amid the Russian-Ukraine war.