Internet disruptions, cyberattacks hit Ukraine following Russian missile strikes

Internet and mobile communications in Ukraine were disrupted Monday and Tuesday after Russian missile strikes caused widespread power outages.

Data from Cloudflare shows that internet availability in the country was 35% below usual levels early on Monday. As of Tuesday morning, the internet in Ukraine is still experiencing disruptions as Russia continues to attack the country’s critical infrastructure, but most regions have restored connections, according to Cloudflare.

Mobile communication was disrupted or partially disappeared in some regions, according to Ukrainian state officials.

Local authorities asked Ukrainians to limit the use of mobile communications and electricity, as much of the country’s telecommunication infrastructure and energy facilities were damaged following the missile attacks on Ukrainian cities.

Internet connectivity in #Ukraine has been disrupted after multiple explosions caused widespread power outages.@Cloudflare data shows that Internet levels in the country dropped after 06:15 UTC and were 35% below the usual at 07:30 UTC. https://t.co/POiZGBMxdn pic.twitter.com/EMBIpOQqhq

— Cloudflare Radar (@CloudflareRadar) October 10, 2022

Russia fired a total of 84 missiles and 24 drones at Ukraine on Monday, damaging critical infrastructure sites, residential buildings, schools, cultural institutions, and healthcare facilities. 

“Ukraine is now in the midst of some of the most severe blackouts since the beginning of the war,” said Alp Toker, director of internet monitoring organization NetBlocks. More than a thousand settlements in Ukraine remain without power as of Monday evening, according to Ukrainian authorities.

To work in the absence of a power supply, Ukrainian mobile carriers and internet providers use generators and Elon Musk’s satellite internet Starlink, according to Mykhailo Fedorov, Ukraine’s minister of digital transformation. “Since the beginning of the war, they have learned how to restore communication as quickly as possible,” he said.

The Ukrainian energy sector is one of the most vulnerable to Russian attacks, both digital and physical. Even before the full-scale invasion, Ukraine had been anticipating large-scale Russian cyberattacks on its energy systems, which has yet to occur. The missile strikes, however, accomplished similar goals.

Earlier in September, Ukrainian cybersecurity officials said Russia was planning “massive cyberattacks” against the Ukrainian energy sector to “increase the effect of missile strikes.”

According to Ukraine’s Defense Intelligence, Russia may use its previous experience in attacking Ukraine’s energy systems. In 2015, Russia’s BlackEnergy malware left around half of the homes in the Ivano-Frankivsk region in Ukraine without electricity for a few hours, while in 2016 Russia used Industroyer malware to attack Ukraine’s power grid, depriving part of its capital, Kyiv, of power.

Hacking response

Following the missile strikes, pro-Russia hackers launched distributed denial-of-service (DDoS) attacks against the Ukrainian mobile bank Monobank, sending 6 million requests per minute.

According to Monobank co-founder Oleg Gorokhovsky, hackers attacked the bank after Ukrainian volunteers launched a crowdfunding campaign there to purchase Ukrainian-made RAM ІІ kamikaze drones for the army. The DDoS attack didn't stop Ukrainians from donating – they raised over $5.7 million in eight hours.

So far, no hacking group has claimed responsibility for the attack.

Russian hacktivists from the Cyber Army group wrote on Telegram that they also hacked the websites of the Lviv Chamber of Commerce and one of Ukraine's armored vehicle producers on Monday. Both websites are now operational and haven’t reported any incidents.

Ukrainian cybersecurity officials said that most pro-Kremlin cyberattacks on Ukraine are chaotic and poorly planned. “First, Russian hackers try to gain access to information systems, and only then decide what to do with it,” said Victor Zhora, deputy chairman at Ukraine’s State Service of Special Communications and Information Protection.