Ukraine’s Ministry of Defense on Tuesday said it had been hit with a cyberattack amid heightened tensions with Russia and concerns Moscow could launch aggressive actions against the country, including a potential ground invasion. In addition, at least two Ukrainian banks and some ATMs lost connectivity, according to the Ukrainian Center for Strategic Communications and Information Security, which is part of the Ministry of Culture and Information Policy.


Recent statements from a top DoJ official calling companies foolish if they aren’t preparing for possible Russian-led cyber-attacks were ill-timed at best. As is the case, much of the private sector consists of small businesses and they are constrained by having limited access to talent, therefore security consistently is an afterthought. Would we say such damaging things about poorer communities not preparing for floods, earthquakes or hurricanes? No, we wouldn’t — we would instead immediately offer aid, advice and support. The gap between security and the mission of any organisation, private or public sector, is enormous.
Additional Ukrainian government agencies coming under a barrage of cyber-attacks that are not likely to cease in the coming days and weeks is yet another reminder for public and private organisations to shore up their defences from cyber adversaries. There is no silver bullet or magic potion that will solve the cybersecurity challenges ahead for organisations.
Ukrainian banks and government websites are the latest victims of a cyber incident, it has been announced. Although the fine details of the event have not been revealed, foreign governments are often the target of international cyber-espionage campaigns. My own team’s investigation and prevention of these state-sponsored threats has revealed that it is crucial for both private organizations and the public sector to learn how to protect against cyber attacks as a matter of highest priority. With a prevention-first and AI-driven approach, breaches can be stopped in their tracks.
As government agencies collect and share more digital information, they must develop a comprehensive, integrated approach to security to protect highly confidential data and communication. This can be done through AI-based threat prevention, enabling a Zero Trust security environment which continuously validates that trust at every event or transaction to authenticate users.
If you are a victim of an attack, you also need the capability to contain it as fast as possible through a unified critical communications network, which can communicate between organizations, people, devices, and external entities regarding who is in the network and next steps. In this case, these solutions can also be used to communicate public safety warnings or updates to quell any panic.
At the moment with Ukraine government officials reporting that the Defense Ministry and several banks have been hit by cyberattacks, this would appear to be straight cyber conflict and not part of the hybrid warfare campaigns rumoured to be the handiwork of Russia against Ukrainian citizens and government officials to sow fear and to disrupt the everyday lives of people. To qualify for hybrid warfare, the attack would have to be in combination with other means of conducting war, like an air raid, an invasion, missiles, etc. There is definitely a degree of PsyOps here, but this is about lowering the fog of war on an opponent and raising the stakes.
It would be premature to pin these attacks on Moscow, as it could be others, from domestic separatists and political groups to “Russian-aligned” groups. It might be a diversion from something else, like a stealthier cyberattack as cyber defenders dive into the incident response side of these attacks. It could even be opportunistic attacks to frame the Russians, although that is less likely. There aren’t that many candidates for these targets since profit doesn’t seem to be an element and the sides are polarised.