The US has accused Russia of planning covert operations, including sabotage, in eastern Ukraine in an effort to create a “pretext for invasion”, after diplomatic efforts to defuse the crisis faltered and government websites were hit by a major cyber attack.
A US official said on Friday: “We have information that indicates Russia has already pre-positioned a group of operatives to conduct a false-flag operation in eastern Ukraine. The operatives are trained in urban warfare and in using explosives to carry out acts of sabotage against Russia’s own proxy-forces.”
False flag operations are designed to hide the true source of a provocative act. The official said such “sabotage activities” and “information operations” would serve to accuse “Ukraine of preparing an imminent attack against Russian forces in eastern Ukraine”, adding that this could be a precursor to a military invasion starting “between mid-January and mid-February”.
Ukraine’s army defence intelligence service also warned that “Russian special services are preparing provocations against servicemen of the Russian Armed Forces to accuse Ukraine of this” and, in turn, justify further military aggression against its neighbour.
Earlier on Friday Ukraine said it was the target of a “massive cyber attack” after about 70 government websites ceased functioning. Targets included websites of the ministerial cabinet, a number of ministries, the state treasury and the Diia electronic public services platform, where vaccination certificates and electronic passports are stored.
“Ukrainians! All your personal data has been uploaded to the public network,” read a message posted on the foreign ministry’s website. “All data on your computer is being erased and won’t be recoverable. All information about you has become public, fear and expect the worst.”
Ukraine’s Centre for Strategic Communications, a government agency set up to counter Russia’s aggression, accused Moscow of being behind Friday’s cyber attacks while noting that official investigators have yet to formally draw such a conclusion.
“This is not the first or even the second time that Ukrainian internet resources have been attacked since the beginning of Russia’s military aggression . . . we assume that the current one is connected with the recent defeat of Russia in the negotiations on the future co-operation of Ukraine with Nato,” the agency said.
The attack follows tense negotiations this week between the US, Nato and western allies and Russia, aimed at deterring Russian president Vladimir Putin from deciding on a deeper invasion of Ukraine. Moscow annexed the Ukrainian peninsula of Crimea in 2014.
Ukrainian officials recently warned that cyber attacks and other efforts to destabilise the country would be a prelude to further aggression.
The message left by hackers, posted in Ukrainian, Russian and Polish, added: “This is for your past, present and future. For Volyn, for the OUN UPA [Organization of Ukrainian Nationalists/Ukrainian Insurgent Army], for Halychyna, for Polissya and for historical lands.”
Comments at the end of the message referred to Ukrainian insurgent fighters during the second world war and appeared to chastise Ukraine for ethnic clashes and atrocities. Poland and Ukraine accuse each other of committing atrocities during the period in the region, which the countries have jostled over for centuries.
The hackers’ post also included defaced images of Ukraine’s national symbols.
It was not immediately clear if the hackers were Polish or if this was an attempt to incite divisions between Ukraine and Poland, one of Kyiv’s strongest European allies.
Julianne Smith, the US ambassador to Nato, said the US would wait “to see what we find out today”. She added that proof of a Russian cyber attack “certainly” would be classed as an example of renewed aggression against Ukraine, which could trigger western sanctions against Moscow.
“We are monitoring everything that Russia is going to be doing towards Ukraine,” she said. “We are attuned to some of the efforts to destabilise Ukraine from within. We all understand that there’s an array of scenarios that could unfold as it relates to what happens between Russia and Ukraine.”
Jens Stoltenberg, Nato’s secretary-general, said he “strongly” condemned the cyber attacks.
“Nato cyber experts in Brussels have been exchanging information with their Ukrainian counterparts on the current malicious cyber activities. Allied experts in the country are also supporting the Ukrainian authorities on the ground,” he said.
Josep Borrell, Brussels’ top diplomat, said the EU’s political and security committee and cyber units would discuss how to help Kyiv.
“We are going to mobilise all our resources to help Ukraine to tackle this cyber attack. Sadly, we knew it could happen,” Borrell was quoted as saying by Reuters at an EU foreign ministers’ meeting in France. “It’s difficult to say [who is behind it]. I can’t blame anybody as I have no proof, but we can imagine.”