Exclusive-Hackers likely used software administration rights of third party to hit Ukrainian sites, Kyiv says

Ukrainian Cyber Police Chief Serhiy Demedyuk speaks during an interview with Reuters in Kiev, Ukraine November 2, 2017. Picture taken November 2, 2017. REUTERS/Valentyn Ogirenko

KYIV (Reuters) - Hackers who launched strikes against Ukrainian government websites appear to have used the software administration rights of a third party company that developed the sites, a top Ukrainian security official told Reuters on Friday.

Serhiy Demedyuk, the deputy secretary of the national security and defence council, said Ukraine was working to establish who obtained such access, whether it was done externally or through an insider.

The comments are the first detailed explanation of how multiple Ukrainian websites were hit by a cyber strike that left a warning to "be afraid and expect the worst", at a time when Russia has amassed troops near Ukraine's borders.

"According to the preliminary conclusions of our experts ... today's attack occurred due to the use by third parties of access to the software administration rights of a company that had an advantage in developing websites for government agencies," Demedyuk said in written comments.

"The specified software has been used since 2016 to create websites for government agencies, most of which became victims of today's incident," said Demedyuk, who used to be the head of Ukraine's cyber police.

He did not name the third party company.

Ukraine said on Friday the cyberattack hit around 70 internet sites of government bodies including the security and defence council https://www.reuters.com/world/europe/expect-worst-ukraine-hit-by-cyberattack-russia-moves-more-troops-2022-01-14.

Demedyuk said his statements were preliminary findings.

"But for the final conclusion, law enforcement agencies need to conduct many examinations of the seized digital evidence, as well as to establish how and who exactly received such privileged administrative access, through outside interference or as a result of the illegal activities of an insider in this company," he said.

Demedyuk did not say who might have been behind the attack, though Ukraine's foreign ministry and its state security service pointed the finger of suspicion towards Russia.

Russia did not comment, but has previously denied being behind cyberattacks, including against Ukraine.

(Writing by Matthias Williams; Editing by Howard Goller)

Article type: metered
User Type: anonymous web
User Status:
Campaign ID: 46
Cxense type: free
User access status: 3
Join our Telegram channel to get our Evening Alerts and breaking news highlights

Next In World

Afghan women losing jobs fast as economy shrinks and rights curtailed
Initial Barbados election results show PM Mottley poised for win
Pristine coral reef unblemished by warming oceans found off Tahiti
U.S. clears Baltic states to send U.S.-made weapons to Ukraine
Microsoft muscles in on first wave of the metaverse
Tongans deafened by volcanic blast as they fled for safety
In Tonga, a volcano-triggered tsunami underscores islands' acute climate risk
‘Silicon Savannah’ Kenya targets loan apps abusing customer data
France first: Far-right challenger tears into Macron's European vision
Prince Andrew quits social media as US sex assault case looms

Others Also Read