Cyber Incident Victim: Verkhovna Rada of Ukraine
Date:
Feb 2024
Location:
Ukraine
Summary
Ukraine's parliament experienced a cyberattack targeting its official website, causing a redirect to a fraudulent Telegram page before restoration. The incident occurred amid frequent digital assaults in the ongoing conflict, though no attribution was provided by the institution. This follows recent cyberattacks against major Ukrainian telecommunications and financial entities.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actor | Type | Location |
|---|---|---|
| 1 actor | Available to members | Available to members |
Description
On February 28, 2024, Ukraine’s parliament, the Verkhovna Rada, publicly reported a cyberattack targeting its official website via a Telegram statement. The attack compromised the website’s functionality, specifically manipulating the link directing users to the parliament’s official Telegram channel. This alteration caused the link to redirect visitors to a counterfeit page impersonating the legitimate platform. The incident occurred amid heightened cyber hostilities between Ukraine and Russia, though the parliament did not disclose technical specifics about the attack vector, duration, or initial detection methods. No additional systems or parliamentary operations beyond the website’s compromised link were confirmed as affected in the reporting. By the time of the Kyiv Independent’s publication on February 1, 2024, the Verkhovna Rada had restored its website and corrected the Telegram link, confirming normal functionality. The parliament’s follow-up statement emphasized the resolution but provided no further details about mitigation steps, forensic findings, or data integrity concerns.
The incident aligns with a broader pattern of cyberattacks targeting Ukrainian infrastructure since Russia’s full-scale invasion, though the Verkhovna Rada did not attribute responsibility or disclose evidence linking the attack to specific threat actors. Prior incidents cited in the reporting include the December 2023 breach of mobile operator Kyivstar, claimed by the Russian hacker group Solntsepek, and a late January 2024 attack on Monobank, Ukraine’s largest mobile-only bank. The Verkhovna Rada’s restoration efforts focused solely on correcting the Telegram link redirect, with no mention of collateral damage, data theft, or persistent vulnerabilities. No disruptions to legislative operations or secondary impacts beyond the temporary website manipulation were documented. The parliament’s public communications framed the event as a contained technical disruption resolved within a short timeframe, without elaborating on defensive measures or coordination with national cybersecurity agencies.