Ukrainian energy giant, postal service, transportation agencies hit by cyberattacks

KYIV — Several state-owned Ukrainian critical infrastructure companies reported cyberattacks on their systems on Thursday.

Among the victims is Ukraine's largest state-owned oil and gas company, Naftogaz. According to its statement, hackers attacked a data center. As of the time of writing, the Naftogaz website and call centers are not operational.

Ukraine’s cybersecurity agency told Recorded Future News that it was investigating the incident but did not provide further details. A Naftogaz spokesperson said in a comment that the company’s specialists are currently working to resolve the incident and will provide comments on the attack later.

Naftogaz employs 100,000 people in Ukraine and supplies gas to over 12 million Ukrainian households. The enterprise runs 60 subsidiaries in the energy industry.

Ukraine’s national postal service provider, Ukrposhta, also reported a cyberattack on Thursday. The company’s CEO, Igor Smelyansky, said that the hackers attacked the information infrastructure of Ukrposhta's partners overnight, causing disruptions to the postal operator’s services.

The company has already restored payment processing services, access to users' personal accounts, and the application programming interface (API). “Small delays in the delivery of parcels are possible, but we do everything to minimize them,” Smelyansky said. Ukrposhta hasn’t responded to a request for comment.

The third Ukrainian entity that reported the cyberattack today is the agency responsible for transport safety, DSBT. The attack on its data center disrupted website operations and the system called “Shlyah,” which is used by drivers to cross the Ukrainian border or deliver cargo abroad. The company said that it's working to resolve the incident and will soon restore its services.

Ukraine’s state railway, Ukrzaliznytsia, also said that some of its services were attacked by hackers. Because of the incident, passengers in Kyiv couldn’t buy online tickets for the electric multiple-unit train, the company said, but it didn’t provide further details.

It is not yet clear if these attacks are connected and who is behind them. On Thursday, a Russian group of cyber volunteers called the National Cyber Army claimed responsibility for the attack on DSBT's system but did not mention the other services.

Last week, Ukraine’s online bank, Monobank, reported that its systems were targeted by the largest distributed denial-of-service (DDoS) attack ever. The attacks on Monobank persisted for three days.

Earlier in December, Ukraine’s largest telecom operator, Kyivstar, fell victim to a massive cyberattack orchestrated by Russian state-sponsored hackers. The attack left millions of Kyivstar subscribers without mobile signal and internet for days."

The goal of the attack was to cause "disastrous" destruction, deliver a psychological blow, and gather intelligence, said Illia Vitiuk, the head of the cybersecurity department at Ukraine’s security service (SBU).