Russian Cyberattack Impacts National Bank of Ukraine Operations
In a recent development, the National Bank of Ukraine (NBU) has reported that a Russian cyberattack targeting government registries has significantly impacted the bank’s ability to open new accounts and issue loans. This cyberattack, which has been confirmed by Deputy Prime Minister and Justice Minister Olha Stefanishyna, resulted in a major network infrastructure failure affecting state registries on December 19.
Effects on Bank Operations
While the cyberattack did not directly affect the National Bank’s information systems, the unavailability of certain state registries has created obstacles for the bank’s day-to-day operations. The NBU has acknowledged that the inability to access these registries has particularly affected processes related to opening new accounts and issuing new loans.
To address this issue, the NBU is currently working on providing guidance to banks regarding alternative procedures for account opening during the registry outage. Similar measures were implemented in the past following Russia’s full-scale invasion, and banks operated under these guidelines until mid-June 2022.
Scope of the Cyberattack
Apart from its impact on the National Bank, the cyberattack also affected various government services offered through the Diia app. Temporary disruptions were reported in services such as employee reservation, LLC registration, online marriage services, property rights registration, and car re-registration. The Diia app clarified that while it doesn’t store personal data, it relies on information from registers that were compromised during the cyberattack.
The Russian hacking network XakNet Team claimed responsibility for breaching the databases of National Information Systems and the Ministry of Justice. Reportedly, they deleted over a billion rows of data, including backup copies stored on servers in Poland. Initial recovery efforts were expected to take up to two weeks, with a focus on restoring critical registries to ensure proper accounting and minimize negative consequences.
Investigation and Response
In response to the cyberattack, Deputy Prime Minister Olha Stefanishyna and the Security Service of Ukraine have announced a criminal investigation into the incident. There are concerns that a GRU (Russian Military Intelligence) hacking group may have been behind the attack, although it remains unclear whether Russia gained access to the registry information. Backup copies of the registries are available for restoration once safety measures are in place, ensuring no risk of irreversibility.
This cyberattack is part of a broader pattern of Russian cyber aggression against Ukrainian companies and government institutions since the start of the Russian invasion. Despite consistent denials from Russia, Ukraine’s Computer Emergency Response Team has documented nearly 4,000 cyber incidents between January 2022 and September 2023, highlighting the ongoing cybersecurity challenges faced by the country.
