Security News > 2021 > February > Ukraine: DDoS attacks on govt sites originated from Russia

The National Security and Defense Council of Ukraine is accusing threat actors located on Russia networks of performing DDoS attacks on Ukrainian government websites since February 18th. The National Coordination Center for Cybersecurity at the NSDC state that these DDoS attacks have been massive and have targeted government websites in the defense and security sector.

While Ukraine did not directly accuse Russia of the denial of service attacks, they stated that the attackers' IP addresses were located on Russian networks.

"In particular, attacks were carried out on the websites of the Security Service of Ukraine, the National Security and Defense Council of Ukraine, resources of other state institutions and strategic enterprises. It was revealed that addresses belonging to certain Russian traffic networks were the source of these coordinated attacks," the NCCC stated in a press release Monday morning.

These devices are then reportedly used to perform further DDoS attacks on other Ukrainian sites.

"In such a way, during an attack, vulnerable government web servers are infected with a virus that covertly makes them part of a botnet used for DDoS attacks on other resources."

"At the same time, security systems of Internet providers identify compromised web servers as a source of attacks and begin to block their work by automatically blacklisting them. Thus, even after the end of the DDoS phase, the attacked websites remain inaccessible to users," explains the NSDC explained.

News URL

https://www.bleepingcomputer.com/news/security/ukraine-ddos-attacks-on-govt-sites-originated-from-russia/