Major cyber-assaults on Ukraine, then Moscow, on eve of Crimea vote
-
Mark Clayton Staff writer
| Boston
With a disputed vote in Crimea set for Sunday, a powerful eight-minute cyber-attack was launched against Ukraine Thursday in the form of a large denial-of-service attack, originating in Russia, that hammered a computer network, cyber-security experts said.
Thursday鈥檚 distributed denial-of-service attack (DDoS) against an unidentified computer network in Ukraine was notable for being 32 times larger than the largest known distributed denial of service (DDoS) attack during Russia鈥檚 invasion of Georgia in 2008, according to Arbor Networks, a Burlington, Mass.-based cyber-security company.
It was followed on Friday by a powerful DDoS attack that temporarily knocked out websites belonging to the Kremlin, the Russian central bank, and Foreign Ministry. But it鈥檚 unclear if that was a Ukrainian response, and Russian authorities said the attack had nothing to do with the Ukraine crisis.
"A powerful cyber-attack is under way on the [Kremlin] site," a spokeswoman for the Russian president's press service told Reuters during the disruption. The three sites were repaired and all working later on Friday.
A group calling itself Anonymous Russia cited the Kremlin website's attack on Twitter, perhaps signaling it was behind the attack. The same group claimed to have knocked out the website in 2012 to protest Putin鈥檚 third term as president.
Only a little is known about the powerful Thursday attack. Eight minutes is enough time to take down a site and cause an outage, according to Jason Jones, an Arbor Networks analyst. Depending on the robustness of the network gear in place it can take down the network support equipment and cause a more extended outage.
鈥淭here have been no other attacks in this size range originating in Russia and targeting Ukraine in the past week,鈥 Mr. Jones wrote in an e-mail interview.
For two weeks it鈥檚 been mostly quiet on the cyber-conflict front between Ukraine and Russia 鈥 a handful of attacks defacing websites and some minor denial-of-service attacks notwithstanding.
A major cyber-espionage system called 鈥淪nake,鈥 which appears likely to have infested Ukraine鈥檚 government computer systems, according to a recent report by BAE Systems, has been around for years. But such a system could be used by its originators 鈥 believed to be Russian 鈥 to conduct attacks.
The recent attacks, as well as any future attacks attempting to impair the Ukrainian government鈥檚 ability to coordinate a response to Russian activities in Crimea, may hinge on geopolitical movements outside Ukraine.
鈥淚f it does continue to heat up 鈥 if NATO goes ahead and puts in passive defensive surveillance systems and says to Ukraine, 鈥榟ere鈥檚 how we can help and signs a partnership agreement' 鈥 that鈥檚 a tripwire,鈥 says Jason Healey, director of the Cyber Statecraft Initiative at the Atlantic Council, a national security think tank.
"If that happened," he says. 鈥淚 would expect to see the Russians using cyber means to throw sand in the gears of the new government and make life a lot more difficult.鈥
