Several Ukrainian government websites were taken over by hackers in the past week. Identifying the culprit in the big hack is tricky, but in this case many signs suggest that Russia was behind it.

Some 70 Ukrainian government websites were shut down in the recent cyberattacks, including those of the Ministry of Foreign Affairs and Ministry of Education.

The hackers wrote in Ukrainian, Russian and Polish that they had stolen the personal data of millions of Ukrainians and that they would publish the data. Shortly thereafter, the Ukrainian government said no information had been leaked.

The Eastern European nation this week said it had evidence that Russia was behind the attack. According to the government, Russia has been using cyber attacks for years to intimidate the Ukrainian population and destabilize society.

Geopolitical tensions and cyberattacks often go hand in hand

Mariëlle Wijermars, assistant professor of Cyber ​​Security & Political Security at Maastricht University, said she had not seen convincing technical evidence that Russia was behind the attack. “It often takes time to complete an investigation,” he said. “But Russia uses cyberattacks more often in conflicts with neighbors, so they have a track record.”

Cybersecurity expert Ronald Pool from CrowdStrike wouldn’t be surprised if Russia was behind this either. “There’s generally a clear link between geopolitical tensions and cyberattacks. That’s usually no coincidence.”

Not only because of tensions at the border, Russia was identified as the culprit. In allegations of this kind, a great deal of evidence is often gathered to link the attack to someone with some degree of certainty.

“For example, you see where the domain name and IP address have been communicated from,” said Pool. “Was a particular program used? How exactly was the attack orchestrated and did it fit into known patterns of behavior of a hacker group? If you gather evidence of that, you can make it plausible that a certain group was behind it.”

Even a relatively small attack can have big consequences

This is not the first time Russia has been blamed for a cyberattack in Ukraine. For example, there is ample evidence that Russia carried out an attack on Ukraine’s energy grid in 2015. As a result, some 230,000 residents lost power for hours.

When it comes to digital resilience, Russia has an edge over Ukraine, according to experts. “This is David versus Goliath,” said Pool. But the state did get help. For example, the United States has invested heavily in Ukraine’s digital security in recent years and the United States and Britain have sent additional experts to the country to stop attacks.

Taking over government sites may seem lighter than shutting down the power grid, but it can also have a huge effect on Ukrainian citizens, Wijermars said. “The image of the government is damaged because of this, which makes people wonder: is my government reliable?”, said the university lecturer. “Cyberattacks can be relatively simple, but have a huge impact by creating chaos and sowing division.”