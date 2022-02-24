Access to the websites of Ukraine’s defense, foreign and interior ministries was impossible or very slow on Thursday morning after a heavy wave of denial-of-service (DDoS) attacks as Russia attacked the country and explosions rocked the capital, Kiev, and other major cities.

In addition to Wednesday’s DDoS attacks, cybersecurity researchers said unidentified attackers infected hundreds of computers with destructive malware, some even in neighboring Latvia and Lithuania.

Asked if the denial-of-service attacks were continuing Thursday morning, Victor Zhora, a senior Ukrainian cyber defense official, did not respond. “Are you serious?” he wrote in a text message. “There are ballistic missiles here.”

“This is terrible. We need the world to stop it. Immediately,” Zhora said of the offensive announced by Russian President Vladimir Putin in the early hours of the morning.

Officials have long expected cyberattacks to precede and accompany any Russian military incursion. The combination of DDoS actions, which bombard websites with fake traffic to make them inaccessible, and malware infections fit the Russian playbook of combining network operations with real-world attacks.

ESET Research Labs said earlier that it detected a new data-wiping malware on “hundreds of machines across the country” on Wednesday, but it was unclear how many networks were affected.

“As for whether the malware was successful in its ability to erase, we assume that it was indeed and erased (the data on) the affected machines,” said ESET’s head of research, Jean-Ian Boutin, who declined to be identified. to the objectives but pointed out that they were “large organizations”.

ESET was unable to confirm who was behind the actions.

Symantec Threat Intelligence detected three organizations affected by the deletion malware — Ukrainian government contractors in Latvia and Lithuania, and a financial institution in Ukraine, explained Vikram Thakur, the firm’s chief technical officer. Both countries are part of NATO.

“Attackers have gone after these targets without much care where they might be physically located,” he added.

All three had “a close relationship with the Ukrainian government,” Thakur said, adding that Symantec believes the attacks were “targeted.” In addition, he noted that some 50 computers at the financial organization were affected by the malware, some with data wipes.

Asked about this attack on Wednesday, Zhora said there was no comment.

Boutin pointed out that the malware’s time stamp indicates that it was created in late December.

“Russia has likely been planning this for months, so it’s hard to say how many organizations or agencies have been infiltrated in preparation for these attacks,” said Chester Wisniewski, a senior researcher at cybersecurity firm Sophos.

He theorized that, with the malware, the Kremlin intended to “send the message that they have compromised a significant portion of the Ukrainian infrastructure and that these are just small tidbits to show how extensive their penetration is.”