Ukrainian Postal Service Hit By Cyber Attack

Uploaded on 2017-08-14 in NEWS-Cybersecurity News, INTELLIGENCE--Europe, FREE TO VIEW

Ukraine's national postal service has been hit by a two-day-long cyber-attack targeting its online system that tracks parcels.

Unknown hackers carried out a distributed denial of service (DDoS) attack against Ukrposhta's website.

The attack began on Monday 7th August in the morning, but ended shortly after 21:00 local time (1900 BST).

However, Ukrposhta reported on Facebook that the DDoS attack continued again on Tuesday 8th August.

"Friends, we've been DDoSed," the company in a post on Tuesday. "During the first wave of the attack, which began yesterday in the morning, our IT services could normalise the situation, and after 17:00, all the services on the site worked properly.

"But today, hackers are at it again. Due to their actions, both the website and services are working, but slowly and with interruptions."

'Inadequate protection'

DDoS attacks occur when hackers flood a website's servers with a huge amount of web traffic, with the intent of taking the website offline.

Attackers do this by secretly infecting computers, routers and Internet of Things-enabled devices, such as thermostats, washing machines and other home appliances, with malware and then roping the zombie computers into a botnet.

"With critical systems exposed to the internet and inadequate protection, denial of service attacks can have an impact way beyond taking a website down or preventing online transactions from taking place," Sean Newman, director of Corero Network Security, told the BBC.

"In this case, it was a service that was reportedly brought to its knees, but outcomes for other organisations could include manufacturing processes being interrupted or halted, potentially impacting productivity, quality and even safety.

"This serves to highlight how any organisation, including those which don't transact directly with consumers, can be seriously impacted by denial of service attacks. With the level of sophistication of today's attackers, and without the latest generation of always-on, real-time automatic DDoS protection, all organisations are vulnerable to DDoS attacks of all sizes and durations."

This is not the first time that Ukraine's postal service has been targeted this year, in June, Ukrposhta was hit by the NotPetya ransomware attacks, as part of a wider national attack on Ukrainian banks, the state power provider, television stations and public transport services.

BBC:      ITWorld Canada

 

« Artificial Intelligence: A Warning
Chinese Satellite Sends Hack-Proof Messages »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

ControlScan

ControlScan

ControlScan is a Managed Security Services Provider (MSSP) - our primary focus is protecting your business and securing your sensitive data.

DNV

DNV

DNV are the independent expert in assurance and risk management. We deliver world-renowned testing, certification and technical advisory services.

SAI360

SAI360

SAI360 (formerly SAI Global) provide products and services for enterprise risk management including Governance, Risk & Compliance and Digital Risk solutions.

Semperis

Semperis

Semperis is an enterprise identity protection company that enables organizations to quickly recover from accidental or malicious changes and disasters that compromise Active Directory.

Pathway Forensics

Pathway Forensics

Pathway Forensics is a leading provider of computer forensics, e-discovery services and digital investigations.

Herbert Smith Freehills

Herbert Smith Freehills

Herbert Smith Freehills is a leading professional services including data protection and privacy.

National Digital Exploitation Centre (NDEC) - United Kingdom

National Digital Exploitation Centre (NDEC) - United Kingdom

NDEC is a project to create a centre of cyber and digital development and education for the UK. It will offer training in digital practices, cyber security and research.

Nucleon

Nucleon

Nucleon enables cybersecurity tools, organizations and software developers to become proactive by blocking threats before they become breaches.

EUROCONTROL

EUROCONTROL

EUROCONTROL is a pan-European, civil-military organisation dedicated to supporting European aviation. We help our stakeholders protect themselves against cyber threats.

Ascend Technologies

Ascend Technologies

Ascend Technologies offers a full suite of managed IT services including: Cloud & Infrastructure Management, Cybersecurity Management, Service Desk Management, Application Management , Data Management

Cyber Security for Europe (CyberSec4Europe)

Cyber Security for Europe (CyberSec4Europe)

CyberSec4Europe is designing, testing and demonstrating potential governance structures for a European Cybersecurity Competence Network.

ECS Ethiopia

ECS Ethiopia

ECS Ethiopia provides Ethiopia’s leading institutions with top cyber-security expertise and technology to enable them to overcome risks and market barriers enabling them to grow their business.

TheHive Project

TheHive Project

TheHive Project is a Scalable, Open Source and Free Security Incident Response Platform for SOC, CSIRT and CERT teams.

Gorilla Technology Group

Gorilla Technology Group

Gorilla specializes in video analytics, OT network security and big data to support a wide range of solutions for commercial, industrial, cities and government purposes.

Domotz

Domotz

Domotz enables IT teams to monitor and manage their networks remotely, while ensuring that the security and the operational efficiency of their organizations are properly maintained.

Hive Systems

Hive Systems

Hive Systems specialize in tailored solutions that unify risk assessments, IT, security awareness, and cybersecurity operations for businesses of all sizes.