Suspected Russian hackers leave message warning: ‘Ukrainians … be afraid and expect worse’
Ukraine has been hit by a “massive” cyber-attack, with the websites of several government departments including the ministry of foreign affairs and the education ministry knocked out.
Officials said it was too early to draw any conclusions but they pointed to a “long record” of Russian cyber assaults against Ukraine, with the attack coming after security talks between Moscow and the US and its allies this week ended in stalemate.
Suspected Russian hackers left a message on the foreign ministry website, according to reports. It said: “Ukrainians! … All information about you has become public. Be afraid and expect worse. It’s your past, present and future.”
The message reproduced the Ukrainian flag and map crossed out. It mentioned the Ukrainian insurgent army, or UPA, which fought against the Soviet Union during the second world war. There was also a reference to “historical land”.
In a message to the Guardian, the foreign ministry’s spokesperson, Oleg Nikolenko, said: “As a result of a massive cyber-attack, the website of the ministry of foreign affairs and other government agencies are temporarily down.”
He added: “Our specialists have already started restoring the work of IT systems and the cyber-police has opened an investigation.”
Nato’s secretary general Jens Stoltenberg and Josep Borrell, the EU’s top diplomat, condemned the attacks. Borrell said the EU’s political and security committee and cyber units would meet to decide how to respond and to support Kyiv.
“We are going to mobilise all our resources to help Ukraine to tackle this. Sadly, we knew it could happen,” he said. He added: “It’s difficult to say [who is behind it]. I can’t blame anybody as I have no proof. But we can imagine.”
Stoltenberg said Nato and Ukraine would in the coming days sign an agreement on enhanced cyber cooperation. Kyiv would get access to Nato’s malware information sharing platform, he said.
Sweden’s foreign minister, Ann Linde, said the west must stand up to any Russian aggression. “We have to be very firm in our messages to Russia, that if there are attacks against Ukraine, we will be very harsh and very strong and robust in our response,” she said. Sweden stood in solidarity with Kyiv, she added.
On Thursday, Russian envoys sounded a bleak note after discussions this week with the OSCE in Vienna, as well as Nato and the US. Sergei Ryabkov, who led Russia’s delegation, said talks had hit a dead end.
The Kremlin has demanded an assurance Ukraine and Georgia will never join Nato. It wants Nato to remove troops and equipment from its member states in eastern Europe, and to return deployment to 1997 levels, before Nato expanded.
On Friday Russia’s foreign minister Sergei Lavrov said Moscow would not wait indefinitely for a response. “We have run out of patience,” he said at a news conference. “The west has been driven by hubris and has exacerbated tensions in violation of its obligations and common sense.”
Russia has mobilised 100,000 troops on the border with Ukraine and sent in military hardware. Its defence ministry announced that further equipment would be relocated from the east of the country as part of what it said was an “exercise”.
Meanwhile, Moscow said it had carried out a special operation against the ransomware group REvil following a request from the US. The FSB spy agency which Vladimir Putin used to run said it had detained and charged the group’s members.
The US embassy in Moscow had no immediate comment. But the move appears to be part of carrot and stick operation following the latest cyber-attack on Ukraine, designed to wrong-foot the Americans. Thus far, the Kremlin has made little effort to curb hacks on western targets by Russia-based cyber-criminals.
Ukraine has been repeatedly targeted since 2014, when Moscow annexed Crimea and kickstarted a war in the eastern Donbas region. About 288,000 cyber-attacks took place in the first 10 months of 2021, according to official figures, with 397,000 in 2020.
The attacks have also been directed at critical infrastructure. In winter 2015 suspected Russian hackers took out parts of the country’s power grid, which led to almost a quarter of a million Ukrainians losing power and heat. A repeat attack happened in 2016.
In 2017, suspected Russian hackers unleashed the NotPetya virus, causing mayhem. Banks, newspapers and leading companies were targeted.
An erosion of democratic norms. An escalating climate emergency. Corrosive racial inequality. A crackdown on the right to vote. Rampant pay inequality. America is in the fight of its life. If you can, please make a gift today to fund our reporting in 2022.
For 10 years, the Guardian US has brought an international lens with a focus on justice to its coverage of America. Globally, more targeted.