Large-scale cyberattacks against Ukraine on Tuesday reportedly hit government ministries, including the Cabinet of Ministers, several banks, a state power distributor, the Ukrainian postal service, a state-run aircraft manufacturer, and Boryspil airport in Kyiv, among other targets.
The cyberattacks have also affected companies outside of Ukraine, including an advertising firm in the United Kingdom; Maersk, the Danish shipping company; a French manufacturer; the U.S. pharmaceutical company Merck; a U.S. law firm; and a Russian oil producer, Rosneft.
Some cyber experts have stated that the suspected culprit is “hitting systems via the same leaked [National Security Agency] vulnerabilities as WannaCry.” However, the virus may well be a new version of ransomware that has not been seen before.
While the source of Tuesday’s cyberattacks has not yet been conclusively identified, the secretary of Ukraine’s security council is reported to have stated: “Already on first analysis of the virus it is possible to talk of Russian fingerprints.”
Russia has heavily employed cyberattacks against Ukraine in the past, with more than 6,500 cyberattacks against Ukraine in the last two months of 2016 alone.
Previous Russian cyberattacks have targeted government ministries, as well as the energy grid and industrial processes such as monitoring of oil and gas pipelines. Cyberattacks against Ukraine’s power grid in December 2015 and December 2016 left hundreds of thousands of people temporarily without power.
If Russia or Russian hackers were behind Tuesday’s cyberattacks, it would be the latest in a long list of cyber aggressions against Ukraine, and the most widespread. Ukrainian Prime Minister Volodymyr Groysman has called the ongoing cyberattacks “unprecedented.”
Russia has no interest in seeing a stable, secure, prosperous Ukraine, let alone one moving closer and closer to the West. Russia continues to violate Ukraine’s sovereignty and territorial integrity, perpetuating a war in eastern Ukraine, which has cost nearly 11,000 lives.
Cyberattacks are a pressure point of aggression, which Russia continues to employ against Ukraine.
The timing of the cyberattacks may also have been coordinated to send a political message. Ukrainian President Petro Poroshenko was in Washington, D.C., last week, where he met with President Donald Trump.
Furthermore, Wednesday is Ukraine’s Constitution Day, a public holiday that commemorates the adoption of the Ukrainian Constitution in 1996. The timing of the cyberattacks could be coordinated to coincide and disrupt the holiday.
These cyberattacks underscore the importance of continued U.S. support for Ukraine, including in the realm of cyber.
U.S. support for Ukraine is critical for pushing back against Russian aggression and keeping Ukraine on the path to reform and for allowing the Ukrainian people to freely choose their own destiny.
Furthermore, the attacks are yet another example that the U.S. cannot afford to be complacent about the security of its own critical infrastructure from cyberattack.
The U.S. must also look beyond cyberspace in how it responds to cyber aggression. Policymakers should use all tools of national power, including diplomatic, legal, trade, economic, cyber, intelligence, and military, to tailor an appropriate response to aggression in cyberspace.