US, UK: Russia responsible for cyberattack against Ukrainian banks

A laptop screen displays a warning message in Ukrainian, Russian and Polish, that appeared on the official website of the Ukrainian Foreign Ministry after a massive cyberattack

Russian military hackers were behind a spate of distributed denial of service (DDoS) attacks that briefly knocked Ukrainian banking and government websites offline, the United States and the United Kingdom said on Friday.

U.S. deputy national security adviser Anne Neuberger told journalists at the White House that Washington was seeking to hold Russia to account for its aggressive moves in cyberspace.

"Russia likes to move in the shadows and counts on a long process of attribution," Neuberger said. "In light of that, we're moving quickly to attribute the DDoS attacks. We believe the Russian government is responsible for widespread attacks on Ukrainian banks this week."

Neuberger said that Americans have data showing that infrastructure connected with Russia's military agency, generally known as the GRU, "was seen transmitting high volumes of communication to Ukraine-based IP addresses and domains."

In a simultaneous announcement, British officials said the GRU was "almost certainly involved" in the DDoS, which works by flooding targeted websites with a firehose of data.

"The attack showed a continued disregard for Ukrainian sovereignty," Britain's Foreign Commonwealth and Development Office (FCDO) said in a statement. "This activity is yet another example of Russia's aggressive acts against Ukraine."

"This disruptive behaviour is unacceptable," the FCDO said.

Russia has denied any role in the DDoS, which inflicted relatively limited disruption on Tuesday.

Kyiv had already blamed Moscow for the DDoS amid heightened tensions since Russia began massing troops near the border, raising fears Russia was planning to attack. The Kremlin has denied it plans to push deeper into the country.

Neuberger said that while the denial of service had "limited impact," the recent spate of malicious digital activity could be a prelude to "more disruptive cyberattacks accompanying a potential further invasion of Ukraine’s sovereign territory."

Reporting by Steve Holland in Washington and James Pearson in London; writing by Raphael Satter; editing by Philippa Fletcher and Howard Goller

REUTERS