While Ukraine gears up for a military offensive in response to the referendum in Crimea voting to secede and join Russia, attackers on both sides of the border have already begun lobbing attacks in the cyber realm.
Attackers operating under the name “Cyber Berkut” launched a series of distributed denial-of-service attacks against a number of websites belonging to NATO, including www.nato.int, over the weekend. The attacks may be in response to a NATO statement on its website claiming the results of the referendum in Crimea would have “no legal effect or political legitimacy.”
The site was offline for long periods Saturday and slow to respond at times on Sunday. As of Monday morning, the site’s main page appeared to be normal, but other pages remained inaccessible or slow. On Twitter, NATO spokesperson Oana Lungescu said while the sites were not operational because of the attacks, NATO systems and data were not compromised.
Berkut refers to Ukrainian riot police who’d been suppressing protesters campaigning against ousted president Viktor Yanukovich and the group has clear pro-Russian leanings. On its site, the group said it will “not allow a Nato [sic] presence on the territory of our homeland.”
Sunday’s referendum centered on the question whether Crimea would secede from Ukraine and join Russia. The “so-called referendum…would be a direct violation of the Ukrainian constitution and international law,” Anders Fogh Rasmussen, NATO’s secretary general, said in the statement.
The attack against NATO is just the latest in a string of incidents. Last week, powerful DDoS attacks temporarily took out websites belonging to the Kremlin, the Russian central bank, the press agency Ria Novosti, and the Foreign Ministry.
While annoying and inconvenient, these DDoS attacks have not yet accompanied more serious attacks targeting sensitive systems or disrupting critical operations. There are no reports at the time of more serious attacks or covert operations targeting Ukrainian or Russian targets.
Fahmida Y. Rashid is an accomplished security journalist and technologist. She is a regular contributor for several publications including iPCMag.com where she is a networking and security analyst. She also was a senior writer at eWeek where she covered security, core Internet infrastructure and open source. As well, she was a senior technical editor at CRN Test Center reviewing open source, storage, and networking products.