Contents:
Distributed Denial-of-Service (DDoS) attacks are wreaking havoc on Ukraine’s Ministry of Defense and Armed Forces, as well as two of the country’s state-owned banks, Privatbank (Ukraine’s largest bank) and Oschadbank (the State Savings Bank).
What Is a DDoS Attack?
As explained by my colleague Elena, DDoS refers to an online attack in which legitimate users are prevented from accessing their target online location. This is usually done by flooding that particular website with a multitude of illegitimate information requests.
This type of cyberattack can have serious consequences as it affects customer experience, revenue, workflow, and brand image.
What Happened?
According to BleepingComputer, Ukraine’s Cyberpolice also announced yesterday that bank customers received SMS claiming that bank ATMs were unavailable, adding that they were “part of an information attack and do not correspond to reality.”
Starting from the afternoon of February 15, 2022, there is a powerful DDOS attack on a number of information resources of Ukraine.
In particular, this caused interruptions in the work of web services of Privatbank and Oschadbank. The websites of the Ministry of Defense and the Armed Forces of Ukraine were also attacked.
While the Ukrainian defense ministry’s website is down, Oschadbank and Privatbank’s webpages are still up and running, though users are unable to access their online banking accounts.
The Ukrainian Center for Strategic Communications and Information Security declared that Privatbank users:
- have reported issues with payments and the bank’s mobile app,
- were unable to access their Privat24 internet banking accounts,
- have noticed erroneous balances and recent transactions.
As explained by BleepingComputer, a traffic geofencing rule was added to Privatbank’s web application firewall (WAF) automatically removing the website’s contents for IP addresses outside of Ukraine and displaying a “BUSTED! PRIVATBANK WAF is watching you)” notification.
Why Is Ukraine Being Targeted?
Earlier this week, the Security Service of Ukraine (SSU) declared it believes that Ukraine is subjected to a hybrid warfare campaign meant to induce fear and weaken public faith in the government’s capacity to protect its population.
The agency also stated that it has already thwarted numerous such attempts connected to hostile intelligence agencies, as well as dismantled bot farms aimed at instilling fear in Ukrainian citizens through bomb threats and false information.
The country’s Computer Emergency Response Team warned of attacks against Ukrainian authorities, coordinated by the Gamaredon hacking group (linked to Russia’s Federal Security Service (FSB) by the Ukrainian security and secret services).
One day later, the SSU announced that it had stopped more than 120 attacks aimed at Ukrainian state institutions in January 2022.
How Can Heimdal Help?
Protect yourself from DDoS attacks with Heimdal Threat Prevention, the solution that allows you to easily leverage a Host-Based Intrusion Prevention System (HIPS), augmented by a highly intelligent threat detection technology powered by AI.
The innovative AI will detect and block the infected domains, allowing you to enjoy peace of mind when thinking about your business ecosystem.
If you liked this article, follow us on LinkedIn, Twitter, Facebook, Youtube, and Instagram for more cybersecurity news and topics.