NSDC warned of new mechanism of Russian hackers’ attacks
The National Security and Defense Council warned of a new mechanism of attacks on Ukraine infrastructure, in particular on the websites of the security and defense sector, as this is reported on February 22 on the website of the National Security and Defense Council.
The massive DDoS attacks have been recorded by the National Cyber Security Coordination Center (NCSCC) at the National Security and Defense Council since February 18.
In particular, attacks were carried out on the websites of the Security Service of Ukraine (SBU), the National Security and Defense Council, resources of other state institutions and strategic enterprises.
The source of these coordinated attacks was found to be IP addresses belonging to certain Russian traffic networks.
The National Security and Defense Council noted that a new mechanism of cyberattacks was used, which had not been observed before during similar incidents.
“Thus, during an attack, some vulnerable government servers are infected with a virus that covertly makes them part of a botnet used for DDoS attacks on other resources. At the same time, the security systems of Internet providers identify compromised web servers as a source of attacks and begin to block their work by automatically blacklisting them. Thus, even after the end of the DDoS phase, the attacked websites remain inaccessible to users, ” the report read.
NCSCC specialists are ready to provide advice and technical assistance to detect and respond to this type of cyberattack. In case of detection of compromising sites, DDoS-attacks are asked to notify the National Coordination Center for Cyber Security (firstname.lastname@example.org).
As IMI reported, on February 18, the website of the Security Service of Ukraine was suspended targeted by a hacker attack.