That’s according to the State Service for Special Communications and Information Protection, Ukrinform reported referring to the agency’s press service.
"Today, as of 14:00, almost all sites affected by the cyber attack on state information resources resumed their work. The inquiry, as well as an effort to restore other platforms, is underway," the statement said.
It is noted that, in addition to restoring the sites, the State Special Communications Service is cooperating with Microsoft in the framework of the Government Security Program cooperation agreement concluded last summer, looking into the possible use by perpetrators of the Viper malware that is known to erase data.
"At the same time, we can already say that the complexity of the attack is much higher than defacing the sites’ homepage. The attackers manually destroyed a number of external information resources. The fact that the attack was swift testifies to the coordination of hackers' moves and their high numbers," the officials noted.
The State Special Communications Service added that a version regarding a combination of three attack vectors is currently being worked out: supply chain attack and exploitation of OctoberCMS and Log4j vulnerabilities. Since Friday, DDOS attacks on a number of affected government agencies have also been recorded.
As Ukrinform reported earlier, overnight Friday, January 14, 2022, a massive cyber attack on Ukrainian government websites was reported. Among those affected were the websites of the Ministry of Education, Ministry of Foreign Affairs, Ministry of Youth and Sports, Ministry of Energy, Ministry of Agrarian Policy, Ministry for Veterans Affairs, Ministry of Environment, State Emergency Service, and State Treasury.
According to the SBU security service, a total of more than 70 government websites were hit in the extensive attack, 10 of which were penetrated. The content of the sites has not been changed, and no personal data has been leaked, security operatives report.