(Bloomberg) — A Ukrainian probe has concluded that “all evidence” points to Russia having been behind a cyberattack last week that disabled several government websites.
The hacks were aimed at “destabilizing” the situation in Ukraine, according to findings of a joint investigation of several Ukraine’s state agencies published on Sunday.
The former Soviet nation endured a mass cyberattack at several of its ministries and public services on Friday. Russia already denied accusations it was behind the hacks.
Several Ukrainian entities are conducting their own analyses, and another official, citing other findings, earlier pointed the finger at Belarus.
Putin’s Troops Wouldn’t Get Cheers in This Once Pro-Russia City
Preliminary findings show that a group of hackers known as UNC1151 from Belarus, a close Russian ally, may have led the operation, Serhiy Demedyuk, deputy head of Ukraine’s National Security and Defense Council, said in a text message.
UNC1151 is a cyber-spy group related to the Belarus security service, Demedyuk said. The group uses a tactic known as “credential harvesting,” or gaining unsanctioned access to mail accounts, followed by the spread of malware, he said.
According to Demedyuk, the hacking group has been active in Lithuania, Latvia, Poland and Ukraine, and often use a narrative that mocks NATO’s presence in the Northern Europe. The Belarusian government hasn’t responded to Ukraine’s claims.
Europe Fears ‘New Normal’ of Nonstop Russia Tensions on Doorstep
Tensions in the region have escalated in recent weeks as Russia continues to keep troops near its border with Ukraine, a move that may be preparation for a full-scale invasion, according to Ukraine’s Western partners.
Russia says it wants NATO to bar Ukraine and other ex-Soviet states from membership, and to roll back its forces to positions they held in 1997.
More stories like this are available on bloomberg.com
©2022 Bloomberg L.P.