The massive cyberattack that targeted Ukrainian government agencies on Friday (1/14/2022) was allegedly carried out by a group linked to the Belarusian Intelligence Service. This allegation was revealed by a senior Kiev security official in a statement on Saturday (15/1/2022).
"Our initial belief was that the UNC1151 group may have been involved in this attack," Deputy Secretary of Ukraine's National Security and Defense Council, Sergey Demedyuk, said in written comments to Reuters.
"The cyber espionage group in question is understood to be affiliated with the special services of the Republic of Belarus," according to Demedyuk.
"Attacks on government websites are just a cover for more destructive actions that are happening behind the scenes," he continued.
He gave no further details on this and only suggested that the "consequences" of the attack would be felt in the near future.
According to Demedyuk, UNC1151 has a track record of targeting multiple countries. He claimed that the malicious software used in the attack was very similar to that used by ATP-29 which is a group often referred to as “Cozy Bear.”
The ATP-29, along with the "Fancy Bear" hacker, have been blamed by the American media for jeopardizing Democratic National Committee computers ahead of the 2016 US presidential election.
Demedyuk added that the group's "cyber espionage" tactics had been "linked to the Russian special services (Foreign Intelligence Service of the Russian Federation)". Apparently, Demedyuk became the first Ukrainian official to publicly confirm that the attack was not carried out by a Russian group.
Earlier, another senior Ukrainian figure, the secretary of the National Security and Defense Council, Alexey Danilov, alleged in an interview with Britain's Sky News that he was "99.9% sure" Moscow was behind the hack.
During the cyber attack, a number of Ukrainian government websites including the foreign ministry and the education ministry were downed and inaccessible for some time.
“Ukraine! All information about you has become public. Fear and hope for worse. This is your past, present and future," reads a message written by hackers on the Ukrainian Foreign Ministry website as reported by The Guardian.
The message was seen as a protest against the Ukrainian flag and the crossed out map. It also mentions that the Ukrainian rebel army, or UPA, fought against the Soviet Union during the second world war.
