Demediuk was stingy with specifics but said
Russian cyberattacks in mid-January and as
the invasion commenced sought primarily to
“destroy the information systems of government
agencies and critical infrastructure” and included
data theft.
The Ukrainian government says the Jan. 14 auto
insurance hack resulted in the pilfering of up to
80% of Ukrainian policies registered with the
Motor Transport Bureau.
Demediuk acknowledged that the Ministry of
Internal Affairs was among government agencies
breached Feb. 23. He said “a small part” of the
ministry’s data was stolen “but so far no case of
its use has been established.” He did not provide
specifics. Security researchers from ESET and
other cybersecurity firms that work with Ukraine
said the networks were compromised months
earlier, allowing ample time for stealthy theft.
The data collection by hacking is a work long
in progress.
A unit of Russia’s FSB intelligence agency that
researchers have dubbed Armageddon has
been doing it for years out of Crimea, which
Russia seized in 2014. Ukraine says it sought to
infect more than 1,500 Ukrainian government
computer systems.
Since October it has tried to breach and
maintain access to government, military,
judiciary and law enforcement agencies as well
as nonprofits, with a primary goal of “exfiltrating
sensitive information,” Microsoft said in a Feb. 4
blog post. That included unnamed organizations
“critical to emergency response and ensuring
the security of Ukrainian territory,” plus
humanitarian aid distribution.