Cyber Incident Victim: Right Sector
Date:
Feb 2014
Location:
Ukraine
Summary
Hacktivists launched distributed denial-of-service attacks against multiple Ukrainian websites, including the parliament and the Right Sector nationalist movement's online presence, alongside several platforms associated with the Euromaidan protests. The cyberattacks caused significant disruptions, with most targeted sites remaining offline while the parliamentary website was eventually restored. These incidents occurred amid escalating protests triggered by the government's rejection of a European Union agreement, during which the militant group played a prominent role in confrontations with authorities. The hacking campaigns reflected broader political divisions, with some groups supporting opposition factions and others aligning with pro-government interests, as evidenced by subsequent leaks of opposition figures' communications.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
In late February 2014, hacktivist groups launched distributed denial-of-service (DDoS) attacks against multiple Ukrainian websites amid escalating political tensions following the Euromaidan protests. The cyberattacks targeted the official website of Ukraine's parliament, the Verkhovna Rada (rada.gov.ua), along with several sites associated with the Euromaidan movement and the Right Sector nationalist group (banderivets.org.ua). Additional affected domains included maidansupport.com, maidanhelp.com.ua, helpmaidan.org.ua, and QHA news outlet qha.com.ua. Cyber Guerilla publicly reported these disruptions, noting the coordinated nature of the attacks. The Right Sector's website was specifically targeted due to the group's prominent role in violent clashes with police during protests, with media describing its members as militant nationalists with borderline fascist ideologies. These cyber operations followed a pattern of digital assaults that began in November 2013 when President Viktor Yanukovych refused to sign an EU association agreement, triggering mass demonstrations. By February 20, 2014, the physical conflict had reached its deadliest point with 77 protesters killed in Kiev.
The attacks temporarily disabled multiple online platforms critical to both government operations and protest coordination. At the time of reporting on February 28, the parliamentary website had been restored while other targeted sites remained offline, indicating varying recovery capabilities among victims. The incident occurred within a broader context of cyber conflict between hacktivist factions supporting opposing political sides. While some groups attacked government infrastructure in solidarity with protesters, others supported Yanukovych's administration through operations like the leak of private emails from Vitali Klitschko's Ukrainian Democratic Alliance for Reform (UDAR) party. Anonymous Ukraine claimed responsibility for compromising correspondence between Klitschko and a Lithuanian presidential adviser, demonstrating the parallel use of information warfare alongside disruptive attacks. The DDoS campaign against Right Sector and associated sites represented one component of this ongoing digital conflict, directly correlating with the timeline of physical violence and political instability during Ukraine's revolution.