Security News
IBM's infosec division says the UK was one of the most targeted countries in Europe for cyberattacks last year. The 12-strong Lithuanian-led team - including members from Estonia, the Netherlands, Lithuania, Croatia, Romania and Poland - is visiting the Ukraine to help it defend against Russian cyberattacks both remotely and on-site in the country, an EU spokesman told the BBC. Separately, this afternoon another series of outages appeared to hit various Ukrainian government websites.
The sites of several Ukrainian government agencies, and of the two largest state-owned banks are again targeted by Distributed Denial-of-Service attacks. Internet watchdog NetBlocks also confirmed that the websites Privatbank and Oschadbank were being hammered in the attacks and knocked down together with Ukrainian government sites.
Neustar Security Services has released a report which details the ongoing rise in cyberattacks in 2021, with an unprecedented number of carpet bombing distributed denial of service attacks. Carpet bombing, in which a DDoS attack targets multiple IP addresses of an organization within a very short time, accounted for 44% of total attacks last year, but the disparity between the first and second half of 2021 was stark.
Today, the White House has linked the recent DDoS attacks that knocked down the sites of Ukrainian banks and defense agencies to Russia's Main Directorate of the General Staff of the Armed Forces. Neuberger also added that, although "Of limited impact" these incidents could be part of a more significant Russian effort to prepare for other, "Laying groundwork" for more disruptive attacks that would come together with a potential invasion of Ukraine's territory.
"The DDoS attacks against the Ukrainian defense ministry and financial institutions appear to be harassment similar to the previous DDoS attacks seen in January," Rick Holland, CISO at Digital Shadows, said via email. In the past two months, Russian- advanced persistent threats have been tied to an attack on 70 Ukrainian government websites, a wiper targeting government, non-profit and IT organizations, and increased attacks and espionage against military targets.
Unknown attackers have mounted disruptive distributed denial-of-service attacks against several Ukrainian government organizations and state-owned banks on Tuesday. The DDoS attacks' impact on government sites and bank services.
The Ukrainian Ministry of Defense, whose site has been taken down following the attacks, said that its "Website was probably attacked by DDoS: an excessive number of requests per second was recorded." "Starting from the afternoon of February 15, 2022, there is a powerful DDOS attack on a number of information resources of Ukraine," Ukraine's State Service for Special Communication and Information Protection added.
The Ukrainian Ministry of Defense, whose site has been taken down following the attacks, said that its "Website was probably attacked by DDoS: an excessive number of requests per second was recorded. Technical works on restoration of regular functioning are carried out." While the Ukrainian defense ministry site has been knocked out, Oschadbank's website is still accessible although customers cannot log in to their online banking accounts.
Advanced DDoS attacks that are typically targeted, known as smart attacks, rose by 31% in the same period. Further, 73% of DDoS attacks in Q3 2021 were multi-vector attacks that combined multiple techniques to attack the targeted systems.
Microsoft this week revealed that it had fended off a record number of distributed denial-of-service attacks aimed at its customers in 2021, three of which surpassed 2.4 terabit per second. One of the DDoS attacks took place in November, targeting an unnamed Azure customer in Asia and lasted a total of 15 minutes.