January 20, 2022, 4:03

    EXCLUSIVE Hackers likely used software administration rights of third party to hit Ukrainian sites, Kyiv says

    EXCLUSIVE Hackers likely used software administration rights of third party to hit Ukrainian sites, Kyiv says

    KYIV, Jan 14 (Reuters) – Hackers who launched strikes against Ukrainian government websites appear to have used the software administration rights of a third party company that developed the sites, a top Ukrainian security official told Reuters on Friday.

    Serhiy Demedyuk, the deputy secretary of the national security and defence council, said Ukraine was working to establish who obtained such access, whether it was done externally or through an insider.

    The comments are the first detailed explanation of how multiple Ukrainian websites were hit by a cyber strike that left a warning to "be afraid and expect the worst", at a time when Russia has amassed troops near Ukraine's borders. read more

    Register now for FREE unlimited access to Reuters.comRegister

    "According to the preliminary conclusions of our experts … today's attack occurred due to the use by third parties of access to the software administration rights of a company that had an advantage in developing websites for government agencies," Demedyuk said in written comments.

    "The specified software has been used since 2016 to create websites for government agencies, most of which became victims of today's incident," said Demedyuk, who used to be the head of Ukraine's cyber police.

    He did not name the third party company.

    Ukraine said on Friday the cyberattack hit around 70 internet sites of government bodies including the security and defence council.

    Demedyuk said his statements were preliminary findings.

    "But for the final conclusion, law enforcement agencies need to conduct many examinations of the seized digital evidence, as well as to establish how and who exactly received such privileged administrative access, through outside interference or as a result of the illegal activities of an insider in this company," he said.

    Demedyuk did not say who might have been behind the attack, though Ukraine's foreign ministry and its state security service pointed the finger of suspicion towards Russia.

    Russia did not comment, but has previously denied being behind cyberattacks, including against Ukraine.

    Register now for FREE unlimited access to Reuters.comRegisterWriting by Matthias Williams; Editing by Howard Goller

    Sourse: reuters.com

    Related posts

    Leave a Reply

    Your email address will not be published. Required fields are marked *

    We use cookies in order to give you the best possible experience on our website. By continuing to use this site, you agree to our use of cookies. You can find a detailed description in our Privacy Policy.
    Accept
    Reject
    Privacy Policy