Ukrainian Postal Service Hit By Cyber Attack

Ukraine's national postal service has been hit by a two-day-long cyber-attack targeting its online system that tracks parcels.

Unknown hackers carried out a distributed denial of service (DDoS) attack against Ukrposhta's website.

The attack began on Monday 7th August in the morning, but ended shortly after 21:00 local time (1900 BST).

However, Ukrposhta reported on Facebook that the DDoS attack continued again on Tuesday 8th August.

"Friends, we've been DDoSed," the company in a post on Tuesday. "During the first wave of the attack, which began yesterday in the morning, our IT services could normalise the situation, and after 17:00, all the services on the site worked properly.

"But today, hackers are at it again. Due to their actions, both the website and services are working, but slowly and with interruptions."

'Inadequate protection'

DDoS attacks occur when hackers flood a website's servers with a huge amount of web traffic, with the intent of taking the website offline.

Attackers do this by secretly infecting computers, routers and Internet of Things-enabled devices, such as thermostats, washing machines and other home appliances, with malware and then roping the zombie computers into a botnet.

"With critical systems exposed to the internet and inadequate protection, denial of service attacks can have an impact way beyond taking a website down or preventing online transactions from taking place," Sean Newman, director of Corero Network Security, told the BBC.

"In this case, it was a service that was reportedly brought to its knees, but outcomes for other organisations could include manufacturing processes being interrupted or halted, potentially impacting productivity, quality and even safety.

"This serves to highlight how any organisation, including those which don't transact directly with consumers, can be seriously impacted by denial of service attacks. With the level of sophistication of today's attackers, and without the latest generation of always-on, real-time automatic DDoS protection, all organisations are vulnerable to DDoS attacks of all sizes and durations."

This is not the first time that Ukraine's postal service has been targeted this year, in June, Ukrposhta was hit by the NotPetya ransomware attacks, as part of a wider national attack on Ukrainian banks, the state power provider, television stations and public transport services.

BBC:      ITWorld Canada

 

« Artificial Intelligence: A Warning
Chinese Satellite Sends Hack-Proof Messages »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 7,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

ID-SIRTII/CC

ID-SIRTII/CC

Security Incident Response Team for Internet Infrastructure in Indonesia.

France Cybersecurity

France Cybersecurity

France Cybersecurity represents the French cybersecurity industry to raise international awareness of French cybersecurity capabilities and solutions.

ISC2

ISC2

ISC2 is an international, non-profit membership association for information security leaders. Our information security certifications are recognized as the global standard for excellence.

SolutionsPT

SolutionsPT

SolutionsPT enables customers to strengthen their Operational Technology (OT) network to meet the ever increasing demand for performance, availability, connectivity and security.

ThreatAdvice

ThreatAdvice

ThreatAdvice is a provider of cybersecurity education, awareness and threat intelligence.

GlobalPlatform

GlobalPlatform

GlobalPlatform’s specifications are highly regarded as the international standard for enabling digital services and devices to be trusted and securely managed throughout their lifecycle.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Echosec Systems

Echosec Systems

Echosec Systems is a data discovery company delivering social media and dark web threat intelligence. Our web based security software delivers critical information for situational awareness.

SOC.OS Cyber Security

SOC.OS Cyber Security

SOC.OS is an alert correlation and triage automation tool. It correlates and prioritises your alerts, boosting productivity, enhancing threat visibility and shortening mean time to respond.

Indevis

Indevis

Indevis provides IT security, datacenter and network solutions, accompanied by professional consulting, management and support services.

Solvere One

Solvere One

Solvere One is a managed service provider (MSP) focused on corporate consulting and partnership.

BaXian Group

BaXian Group

BaXian AG is an international consulting company specializing in IT security, data analytics, risk management and compliance.

SpeQtral

SpeQtral

SpeQtral offers commercial space-based Quantum Key Distribution (QKD) founded on technology developed at the National University of Singapore.

AutoRABIT

AutoRABIT

AutoRABIT provides DevSecOps tools built specifically for Salesforce developers to increase release velocity, produce consistently high-quality code, and enhance data security.

Salus Cyber

Salus Cyber

Salus is a provider of world-class cyber security services, enabling our clients to identify and manage their cyber risks proactively and effectively.

AI Security Institute (AISI)

AI Security Institute (AISI)

The AI Security Institute’s mission is to minimise surprise to the UK and humanity from rapid and unexpected advances in AI.