Ukraine has accused the Russian government of being behind a cyberattack on 70 of its most important civic websites. The hackers left an accompanying warning telling Ukrainians “… to be afraid and expect worse,” which was followed by websites going temporarily down for several hours.

The Ukrainians point out that the Russian media reported news of the hack before the information was released in Ukraine. There is speculation as to whether the attacks were a response to the dim mood after failed talks with NATO over the build-up of Russian troops on Ukraine’s border. Currently, 100,000 Russian troops remain on the ground.

During the cyberattack, the group took down 70 Ukrainian government websites and then posted a message warning: “Ukrainian! All your personal data has been uploaded onto the public Internet.” It ended with: “This is for your past, your present, and your future.”

But this has turned out to be false, and according to the Ukrainian SBU (the Security Service), no personal data has been leaked.

The trouble is that Russia has already proven itself adept at using cyber-tactics as part of a ‘hybrid’ approach to warfare. Both in 2014, when it annexed Crimea, and in 2008, when it invaded Georgia, Russia was accused of launching cyber-attacks to destabilize communications.

The Guardian website reminds us Ukraine is a repeat target, losing electrical grid power to Russian hacks in 2015 and 2016. In 2019 Russians were implicated in releasing the NotPetya virus, which caused major disruption to Ukraine’s key commerce and media websites.

The SBU says it has dealt with 1200 cyber incidents in the past year alone, many attributable to Russian sources. During the same talks, NATO agreed to help by sharing access to their malware alert platform. 

In an exclusive report from Reuters, we learn that hackers gained third-party access privileges to Ukraine’s government websites, and manipulated systems from there. Ukraine’s Serhiy Demedyuk from the National Security and Defence Council said Ukraine is trying to discover how the hackers got inside the systems — more specifically if this was an inside job, or the result of external hacking methods. 

The software culprit seems to be a tool used for website creation, in use since 2016 by Ukrainian government agencies. How it was compromised is the subject of ongoing investigation efforts.

BBC reporter Joe Tidy notes this case is odd and adds that “threats of deleting personal data are likely hollow,” and might indicate the attack originates with zealous Russian patriots trying to make a point. Indeed, that is what happened in Georgia prior to invasion. Perhaps this is more like the crowd cheering things on, rather than a state-sponsored cyber-attack.

AP News out of the US says in recent days Russia has been helpful in arresting those responsible for the Colonial Pipeline hack of 2021. In the United States, website systems controlling infrastructure important to the supply of gas were taken down, causing severe disruption. Moscow diplomats report the REvil ransomware gang has been arrested and detained over that attack.

No doubt over the coming weeks Ukraine’s national security investigation will tell us who is ultimately responsible.

In other news

  • Town exchanges flashing lights for text messages. The town of Windcrest, northeast of San Antonio, is hoping to reduce traffic stops by encouraging residents to sign up for a new Trusted Driver Program. According to Gizmodo, participants will receive text messages if they commit minor traffic violations like speeding or running red lights. CEO of the program and former San Antonio Police Department officer Val Garcia hopes that reducing traffic stops will give officers more time to pursue serious crimes.
  • Celebs sued for crypto manipulation. According to a new lawsuit filed in California, several celebrities are being accused of promoting EthereumMax (EMAX), a new cryptocurrency, to boost its value, only to have the crypto creators sell their holdings for big bucks, in a scheme known as ‘pump and dump.’ The BBC reported that Kim Kardashian, boxer Floyd Mayweather, and former NBA star Paul Pierce promoted EMAX on social media or provided incentives to purchase the currency. As a result of their endorsements, EMAX quickly increased in value. Then EMAX creators Steve Gentile and Giovanni Perone sold off their holdings, making a profit before the cryptocurrency took a nosedive. According to the lawsuit, “EthereumMax’s entire business model relies on using constant marketing and promotional activities, often from ‘trusted’ celebrities, to dupe potential investors into trusting the financial opportunities.”
  • Facebook faces significant antitrust action in the US and UK. This week a federal judge in the US ruled that the Federal Trade Commission could move forward with antitrust action against Meta Platforms/Facebook as a monopoly. As Wired reports, in reversing a previous decision, the judge now accepts the government’s contention that “Facebook has a dominant share of the social networking market.” The question now is whether or not holding a monopoly is harmful if the product itself is free. Meanwhile, Reuters reports that the company faces a £2.3 billion class-action suit in Britain for using its dominance in the market to exploit the personal data of 44 million users.
  • Chess-playing AI could have massive privacy implications. Computer scientists at the University of Toronto trained an AI to play in a more human style using data from millions of games played on the Lichess website. The goal ostensibly was to learn how to create human-like AIs for systems such as chatbots. But as researchers discovered, the system can be used to not only improve gameplay but identify behavioral patterns that can identify individual players. The journal Science points out that in the future, this technology may not be reserved just for games and customer service. Privacy advocates suggest that such systems could be employed in the future to identify people based on all sorts of behaviors such as driving, shopping, or other activities, and could become a new tool for law enforcement.
  • Microsoft acquires Activision Blizzard. In the past, we’ve reported on the ongoing troubles at the video game company Activision Blizzard, including labor disputes and accusations of sexual harassment against CEO Bobby Kotick. Now The New York Times reports that Microsoft plans to purchase the company for a whopping $70 billion. This acquisition would position Microsoft as a top player in online gaming and boost its Xbox gaming platform. Gizmodo notes that this is Microsoft’s largest-ever acquisition, twice the size of its purchase of LinkedIn, and points out that Microsoft stands to gain “nearly 400 million monthly active players in 190 countries” in a move that could generate billions for the tech company. 
  • Crypto.com is being cryptic about a possible hack. Gizmodo reports that Crypto.com, a popular cryptocurrency trading app with over 10 million users, suspended withdrawals for 14 hours on Monday and required all users to reset two-factor authentication. According to a company tweet, some users “experienced unauthorized activity in their accounts” but reassured users that “all funds are safe.” Some users reported significant funds missing from their accounts but then noted that the money had been restored. But Gizmodo notes, “it’s not clear if hackers made off with stolen funds and the users were simply compensated by the company or if no money was actually stolen,” and the company refused attempts to get clarification on this point. 

Tip of the week

For ordinary Ukrainians who might be worried that their data was exposed in the hack mentioned in our lead story, there’s help in the form of the website Have I Been Pwned, a site well-known for publishing information on data leaks that impact consumers. Ukraine signed up to the hugely successful website monitoring service last April to monitor all API website government traffic in cooperation with the Ukrainian National Cybersecurity Coordination Center, and now its citizens can check if their personal email, passwords, or data have been leaked in any cyber-attack.

The situation in Ukraine is a timely reminder that no matter where you live, protecting your accounts from hackers is largely achievable — with good password hygiene. Namecheap’s recent deep dive article into password security can help, showing you how to go about protecting your web property and domain assets with top advice and useful tips on this issue.

[NEWS] Ukraine has more to worry about than troops.