Ukraine suspects a group linked to Belarusian intelligence is responsible for carrying out the cyberattack that hit Ukrainian government websites this week, a senior Ukrainian government security official told Reuters. According to Serhiy Demedyuk, deputy secretary of the National Security and Defense Council, the hackers used malware similar to that used by a group linked to Russian intelligence.
Demedyuk said Ukraine blamed Friday’s attack – which defaced government websites with threatening messages – to a group known as UNC1151 and was a cover for more destructive behind-the-scenes actions.
His comments are Kiev’s first detailed analysis of the alleged culprits behind the attack on dozens of websites. On Friday, officials said Russia was likely involved, but gave no details. Belarus is a close ally of Moscow.
The cyberattack posted a warning on websites of various Ukrainian government agencies to “be afraid and expect the worst” at a time when Russia has massed troops near Ukraine’s borders, and Kiev and Washington fear Moscow is planning a new one. military attack on Ukraine.
Russia said such fears were “unfounded”.
Belarusian President Alexander Lukashenko’s office did not immediately respond to a request for comment on Demedyuk’s remarks.
The Russian Foreign Ministry, which had previously denied involvement in the cyberattacks, also did not respond to Reuters.
“The attack on the websites was just a cover for more destructive actions that were taking place behind the scenes and the consequences of which we will feel for the foreseeable future,” Demedyuk said in written comments.
In reference to UNC1151, he said: “This is a cyber espionage group affiliated with the special services of the Republic of Belarus.”
Demedyuk, who was once the head of Ukraine’s cyber police, said the group has a history of attacking Lithuania, Latvia, Poland and Ukraine and has also spread narratives condemning the NATO alliance’s presence in Europe.
“The malicious software used to encrypt some government servers is very similar in characteristics to that used by the ATP-29 group,” he said, referring to a group suspected of involvement in hacking the Democratic National Committee ahead of the presidential election. 2016 in the USA.
According to him, ATP-29 specializes in cyber espionage and is associated with Russian special services (Foreign Intelligence Service of the Russian Federation).
.
