Everything is lost. How Russian hackers breached Ukrainian registries.

On December 19, one of the largest cyberattacks in Russia targeted Ukrainian state registries. What are its implications?

https://epravda.com.ua/rus/tehnologiji/propalo-vse-kak-rossiyskie-hakery-vzlomali-ukrainskie-reestry-801172/2024-12-21 09:03:44

On December 19, hackers targeted the registries of the Ministry of Justice of Ukraine, effectively halting the operation of numerous databases.

The cyberattack paralyzed a significant portion of economic activity in the country. Financial transactions, verification of counterparties, state procurement, and access to essential government services were all jeopardized. As of December 20, the work of notaries has primarily been limited to certifying documents.

Currently, an investigation is underway to determine the key circumstances of the incident: how the hackers managed to infiltrate the systems, whether there was a data leak, and the extent of the damage to the registries. The Ministry of Justice assures that there have been no confirmed cases of information theft regarding Ukrainian legal entities and individuals, and that backup copies of the databases will allow for a swift recovery of their operations.

The Economic Perspective provides details on one of the most extensive cyberattacks on government registries and its implications for the citizens of Ukraine.

What Happened

Late on the evening of December 19, the Deputy Prime Minister for European and Euro-Atlantic Integration, Minister of Justice Olha Stefanyshyna reported the cyberattack on the Ministry of Justice registries. According to her, the attack resulted in a temporary suspension of the operations of the state registries under the ministry's jurisdiction, particularly the Unified State Register (USR) of legal entities, individual entrepreneurs, and public formations.

<However, the consequences of the system failure were felt by Ukrainians earlier: during the day, some state registries were already non-operational, effectively making it impossible to provide notarial services.

Initially, the Ministry of Justice attributed the problems to a large-scale failure in the network infrastructure that supports the registries' functionality. The management of the registries is carried out by the State Enterprise "National Information Systems" (NAIS), which the day before announced planned technical works, particularly concerning the USR, the State Registry of Civil Status Acts, and the "Bankruptcy and Insolvency" system.

It was expected that the registries would be offline from 10 PM to 2 AM on the night of December 20. However, the planned technical works were forgotten by lunchtime on December 19. While NAIS officially reported technical issues, information about a cyberattack on NAIS appeared in the Russian Telegram channel XakNet Team.

The message, which surfaced around 8 PM, claimed that as a result of the attack on NAIS, hackers accessed the infrastructure containing all the data of the Ukrainian Ministry of Justice. It was asserted that after infiltrating the ministry's infrastructure, over 1 billion lines of data were stolen and deleted, including those stored on a backup server in Poland.