Headlines

EXCLUSIVE Ukraine suspects group linked to Belarus intelligence over cyberattack


  • Ukrainian government websites were hit by cyberattack
  • Russia has massed troops near Ukraine’s borders
  • U.S. held security talks with Russia this week

KYIV, Jan 15 (Reuters) – Kyiv believes a hacker group linked to Belarusian intelligence carried out a cyberattack that hit Ukrainian government websites this week and used malware similar to that used by a group tied to Russian intelligence, a senior Ukrainian security official said.

Serhiy Demedyuk, deputy secretary of the national security and defence council, told Reuters that Ukraine blamed Friday’s attack – which defaced government websites with threatening messages – on a group known as UNC1151 and that it was cover for more destructive actions behind the scenes. read more

“We believe preliminarily that the group UNC1151 may be involved in this attack,” he said.

Register now for FREE unlimited access to Reuters.com

His comments offer the first detailed analysis by Kyiv on the suspected culprits behind the cyberattack on dozens of websites. Officials on Friday said Russia was probably involved but gave no details. Belarus is a close ally of Russia.

The cyberattack splashed websites with a warning to “be afraid and expect the worst” at a time when Russia has massed troops near Ukraine’s borders, and Kyiv and Washington fear Moscow is planning a new military assault on Ukraine.

Russia has dismissed such fears as “unfounded”.

The office of Belarusian President Alexander Lukashenko did not immediately respond to a request for comment about Demedyuk’s remarks.

Russia’s foreign ministry also did not immediately respond to a request for comment on his remarks. It has previously denied involvement in cyberattacks, including against Ukraine.

A laptop screen displays a warning message in Ukrainian, Russian and Polish, that appeared on the official website of the Ukrainian Foreign Ministry after a massive cyberattack, in this illustration taken January 14, 2022. REUTERS/Valentyn Ogirenko/Illustration

“The defacement of the sites was just a cover for more destructive actions that were taking place behind the scenes and the consequences of which we will feel in the near future,” Demedyuk said in written comments.

In a reference to UNC1151, he said: “This is a cyber-espionage group affiliated with the special services of the Republic of Belarus.”

‘TRACK RECORD’

Demedyuk, who used to be the head of Ukraine’s cyber police, said the group had a track record of targeting Lithuania, Latvia, Poland and Ukraine and had spread narratives decrying the NATO alliance’s presence in Europe.

“The malicious software used to encrypt some government servers is very similar in its characteristics to that used by the ATP-29 group,” he said, referring to a group suspected of involvement in hacking the Democratic National Committee before the 2016 U.S. presidential election.

“The group specializes in cyber espionage, which is associated with the Russian special services (Foreign Intelligence Service of the Russian Federation) and which, for its attacks, resorts to recruiting or undercover work of its insiders in the right company,” Demedyuk said.

The messages left on the Ukrainian websites on Friday were in three languages:…



Read More: EXCLUSIVE Ukraine suspects group linked to Belarus intelligence over cyberattack

You might also like More from author

This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Accept Read More

Live News

Get more stuff like this
in your inbox

Subscribe to our mailing list and get interesting stuff and updates to your email inbox.

Thank you for subscribing.

Something went wrong.

We respect your privacy and take protecting it seriously