Cyber Incident Victim: Ukrposhta
Date:
Apr 2022
Location:
Ukraine
Summary
Ukraine's national postal service experienced a distributed denial-of-service (DDoS) cyberattack that disrupted its online store and other operational systems following the launch of a controversial postage stamp depicting a Ukrainian soldier gesturing at a Russian warship. The attack caused significant service interruptions, prompting the company's director general to publicly apologize and coordinate restoration efforts with internet providers. This incident occurred amid heightened warnings from Ukrainian officials about potential cyber threats targeting critical infrastructure during the ongoing conflict.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 3 motives | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On April 22, 2022, Ukraine's national postal service, Ukrposhta, experienced a cyberattack following the online launch of sales for a commemorative postage stamp. The stamp depicted a Ukrainian soldier making a crude gesture toward a Russian warship, referencing the sinking of the Russian Black Sea Fleet's flagship Moskva earlier that month. Ukraine claimed it struck the cruiser with missiles, while Russia attributed the sinking to an onboard ammunition explosion during stormy seas. The stamp's physical release at Ukrposhta's Kyiv headquarters had already drawn significant public interest, with queues forming during its initial sale. The cyberattack coincided with the digital rollout of stamp sales, disrupting Ukrposhta's online operations.
Ukrposhta Director General Ihor Smilianskyi publicly confirmed the incident as a distributed denial-of-service (DDoS) attack, which overwhelmed systems and caused temporary outages. Affected services included the online store and other internal operational systems. Smilianskyi apologized to customers via Facebook, stating teams were collaborating with internet providers to restore functionality. He did not attribute responsibility for the attack. Ukrainian authorities had repeatedly warned of heightened cyber threats from Russian actors since Russia's February 24 invasion, though Moscow consistently denied involvement in cyber operations against Ukraine. This incident occurred weeks after Ukraine reported thwarting a separate Russian cyberattack targeting its power grid.