Cyber Incident Victim: Defence ministry and other institutions in Ukraine

On December 13, 2016, Ukraine’s defence ministry reported its website was rendered inaccessible due to a cyber attack. Ministry spokesman Oleksandr Motuzyanyk stated the attack appeared designed to disrupt the ministry’s ability to provide public updates regarding the ongoing conflict with pro-Russian separatists in eastern Ukraine. The website served as a critical channel for disseminating operational information about military developments in the region. Motuzyanyk characterized the incident as a denial-of-service attack, a method frequently employed against the ministry’s digital infrastructure, though he noted many such attempts failed to cause operational disruptions. While the attack succeeded in temporarily disabling the site, officials confirmed the situation was brought under control. The spokesman declined to attribute responsibility, stating no conclusive evidence identified the perpetrators at the time of reporting.

This incident followed closely after cyber attacks targeted Ukraine’s Finance Ministry and State Treasury websites the preceding week. The Finance Ministry publicly accused hackers of orchestrating those attacks to undermine confidence in the government’s economic reform agenda. Though distinct from the defence ministry incident in timing and stated objectives, these parallel attacks indicated a broader pattern of disruptive cyber operations against Ukrainian state institutions during this period. Historical context included reference to a December 2015 cyber attack on Ukraine’s power grid, which the State Security Service attributed to Russian actors and which caused temporary electricity outages in western Ukraine. No technical details, forensic evidence, or specific threat actor affiliations were disclosed regarding the December 2016 defence ministry website disruption beyond its classification as a denial-of-service campaign.