Share this page!

Eric Geller Profile picture
Twitter logo
Feb 23 8 tweets 3 min read
🚨 The websites of Ukraine's parliament, foreign ministry, and executive cabinet are down, possibly due to a new distributed denial-of-service attack.

rada.gov.ua
mfa.gov.ua
kmu.gov.ua
Cabinet of Ministers website appears to be back up. Rada and MFA sites still down.
Looks like Privatbank's website is having issues too. privatbank.ua
"Another mass DDoS attack" began at around 4 p.m. Agencies are "switching traffic to another provider" to mitigate the effects of the attack.
Privatbank is working for me now, although the "Human Verification" page doesn't remember me when I refresh, which suggests a very aggressive bot-checking feature that's probably smart.

But now the website of Ukraine's SBU (their FBI) is also down. ssu.gov.ua
Cloudflare is monitoring the situation in Ukraine.

"We’ve seen sporadic DDoS activity in Ukraine," a spokesperson says. "We've seen more DDoS activity this week than last week, but less than a month ago."
.@dsszzi says it's "working on countering the attacks, collecting and analyzing information."

Describes the activity as a second "massive DDoS attack."

cip.gov.ua/en/news/chergo…
@dsszzi SBU site now working for me, while Rada and MFA are still down, and KMU (Cabinet of Ministers) is back down.

This see-sawing between outage and restoration makes it seem like the attackers are trying to overwhelm the mitigation efforts.

• • •

Missing some Tweet in this thread? You can try to force a refresh
 

Keep Current with Eric Geller

Eric Geller Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

PDF

Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

More from @ericgeller

Eric Geller Profile picture
Feb 23
Notable point from ESET's thread about new data-wiping malware that it discovered on hundreds of computers in Ukraine today.
Symantec seeing it too
Symantec's Eric Chien tells me: "We are seeing the wiper across multiple organizations in different sectors in the Ukraine including finance and government organizations. The wiper uses a legitimate driver to gain low level hard disk access to wipe data."
Read 18 tweets
Eric Geller Profile picture
Feb 22
After Russia invaded in 2014, Ukraine began centralizing govt data in Kyiv, severing links w/ IT systems in occupied territories.

Now it's preparing to evacuate that data if Moscow targets Kyiv.

I talked to @dsszzi's @VZhora about protecting this data: politico.com/news/2022/02/2…
Centralizing data in Kyiv robbed Russia of easy access to files and services previously accessible from now-occupied computers in Crimea, Luhansk, and Donetsk. It also prevented those now-untrustworthy computers from becoming backdoors into Ukrainian networks.
Ukraine's locally distributed computer system was the product of historically slow internet speeds that prevented large, frequent data transfers. But the country's modernization meant it could move everything to web platforms based in Kyiv (with multiple backup sites).
Read 11 tweets
Eric Geller Profile picture
Feb 18
White House briefing starting now. Anne Neuberger, deputy national security adviser for cyber, is one of the speakers.
Neuberger: “While there are currently no specific or credible cyber threats to the homeland, the U.S. government has been preparing for potential geopolitical contingencies since before Thanksgiving.”
Essentially confirming recent WaPo story, Neuberger says USG "believes that Russian cyber actors likely have targeted the Ukrainian government, including military and critical infrastructure networks, to collect intelligence & preposition to conduct disruptive cyber activities."
Read 13 tweets
Eric Geller Profile picture
Feb 17
During panel at Munich Cybersecurity Conference, FBI Cyber Division's Tonya Ugoretz says "international standardization" of AML rules for cryptocurrency "would greatly help" stop ransomware. Many countries don't have consistent rules, so even well-meaning exchanges can't help.
Ugoretz: "Sometimes foreign exchanges want to be cooperative...but because they don't have that existing framework that provides consistency in the types of information that they're collecting about their customers, they may not even have the information on hand to provide..."
On ransomware, DHS Under Secretary for Policy Rob Silvers says “we are taking this problem on from all angles, and it's among our very highest cybersecurity priorities.” He notes stopransomware.gov, various alerts and guidance docs, and partnerships with other agencies.
Read 7 tweets
Eric Geller Profile picture
Feb 17
Deputy AG Lisa Monaco is speaking now at the Munich Cybersecurity Conference.

“We're adapting old tools to use in new ways," she says, "while also designing novel techniques to use in our major cyber investigations.”
Monaco: “The FBI is forming a specialized team dedicated to cryptocurrency, the Virtual Asset Exploitation Unit."

The team brings together cryptocurrency experts to "provide equipment, blockchain analysis, virtual asset seizure, and training to the rest of the FBI."
DOJ's National Cryptocurrency Enforcement Team now has a dozen prosecutors, Monaco says. And former AUSA Eun Young Choi, a senior counsel to Monaco, will be the team's first director. Choi oversaw the JPMorgan hack case.
Read 12 tweets
Eric Geller Profile picture
Feb 1
Deputy National Security Adviser for Cyber Anne Neuberger is traveling to Europe today for a week of meetings with U.S. partners on cyber issues, including the defense of Ukraine, senior administration officials told reporters.
Neuberger will start in Brussels w/ meetings w/ EU counterparts & NATO officials on cyber resilience, a sr admin official said, "including deterring, disrupting, and responding to further Russian aggression against Ukraine, neighboring states, and in our respective countries."
After Brussels, Neuberger will travel to Warsaw for meetings with Polish officials and reps from Baltic govts.

She'll also meet with reps from the "Bucharest Nine" group of eastern NATO allies, and she'll meet virtually with French and German officials.
Read 7 tweets

Did Thread Reader help you today?

Support us! We are indie developers!

This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Don't want to be a Premium member but still want to support us?

Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal

Or Donate anonymously using crypto!

Ethereum

0xfe58350B80634f60Fa6Dc149a72b4DFbc17D341E copy

Bitcoin

3ATGMxNzCUFzxpMCHL5sWSt4DVtS8UqXpi copy

Thank you for your support!

Follow Us on Twitter!

Like this author's thread?

Get emails when @ericgeller has new unrolls!

Check out other threads from @ericgeller!

Read all threads by @ericgeller

:(