14 DAY TRIAL // A number of Ukrainian hackers with pro-Russia views regarding the conflict in Ukraine claimed responsibility for a distributed denial-of-service attack on several websites under the administration of the German government.
Among the websites affected was the one of the German Chancellor, Angela Merkel, as well as the one of the Foreign Ministry.
The attack was serious
The hackers operate under the name of CyberBerkut and have claimed responsibility for the attack on the aforementioned websites.
The incident occurred on Wednesday, the day the Ukrainian Prime Minister Arseniy Yatsenyuk was expected to meet with German President Joachim Gauck.
CyberBerkut said that Yatsenyuk sought to obtain a financial loan from the EU and IMF to continue the war in the region and to delay restoring the infrastructure in Ukraine.
“That's why we appeal all people and government of Germany to stop financial and political support of criminal regime in Kiev, which unleashed a bloody civil war,” the group said on its blog.
The information about the incident and the perpetrators behind it is scarce, but during a press conference on Wednesday, Steffen Seibert, the head of the German governmental press, said that the data center of the service provider was under a serious attack that was caused “by a variety of external systems.”
Sensitive information was not exfiltrated
It appears that the attack began on Wednesday morning and extended to the afternoon, making the affected websites inaccessible to visitors.
The individuals responsible may have rented a botnet with the specific purpose of sending large amounts of packets to the web servers hosting the websites, until the requests could no longer be processed and the denial of service condition occurred.
Government systems are often targeted by cyber-attacks and most of the times the mitigations in place manage to thwart the nefarious actions. This time, however, it appears that the hackers’ effort was larger and could not be dealt with without an impact on the targets.
At the moment, all websites are up and running. As far as suspicions that sensitive data may have been exfiltrated are concerned, the online locations made available only general information that is available for the public.