Ukrainians at risk of more cyber attacks, experts warn
Sign up now: Get ST's newsletters delivered to your inbox
KIEV • Hackers who defaced and interrupted access to numerous Ukrainian government websites on Friday could be setting the stage for more serious attacks that would disrupt the lives of ordinary Ukrainians, experts have said.
"As tensions grow, we can expect more aggressive cyber activity in Ukraine and potentially elsewhere," said Mr John Hultquist, an intelligence analyst at US cyber-security company Mandiant, possibly including "destructive attacks that target critical infrastructure".
"Organisations need to begin preparing," Mr Hultquist added.
Intrusions by hackers on hospitals, power utility companies and the financial system were until recently rare. But organised cyber criminals, many of them living in Russia, have gone after institutions aggressively in the past two years with ransomware attacks, freezing data and computerised equipment needed to care for hospital patients.
In some cases, those extortion attacks have led to patient deaths, according to litigation, media reports and medical professionals.
Friday's attack on Ukrainian websites included a warning to "be afraid and expect the worst". It comes at a time when Russia has amassed about 100,000 troops near Ukraine, raising fears in the West of an invasion. Moscow denies it wants to invade.
Russia has repeatedly rejected hacking allegations levelled by Ukraine and other countries over the years. On Friday, it said it had dismantled prominent hacking group REvil, which carried out a high-profile attack last year on US software firm Kaseya, following a request from Washington.
Ukraine said on Friday it had found clues that Russia could have been behind the latest cyber attack on its government websites.
In 2014, Russian troops went into the Black Sea peninsula of Crimea and annexed it from Ukraine. If Russia invades again, more cyber attacks would occur too, predicted former CrowdStrike cyber security executive Dmitri Alperovitch.
They would most likely be disruptive, not fatal, Mr Alperovitch said. "It will be a sideshow. The main show will be on the ground."
Ukraine has already borne the brunt of some of the largest hacks on infrastructure to date.
In December 2015, a first-of-its-kind cyber attack cut the lights to 225,000 people in western Ukraine, with hackers also sabotaging power distribution equipment, complicating attempts to restore power.
In 2016, an attack on the State Treasury halted its systems for several days, meaning state workers and pensioners were unable to receive their salaries or payments on time.
REUTERS, AGENCE FRANCE-PRESSE
