Press play to listen to this article
Europe was on Friday rushing to support Kyiv's cybersecurity services as they fight an attack against Ukrainian government websites.
Although no group has been immediately identified as responsible, the attacks on official sites come as some 100,000 Russian troops are massed on the Ukrainian border, sparking fears of a potential invasion. Taking down communications would be an expected precursor to a military assault.
The European Union's chief diplomat Josep Borrell was quick to hint at the Kremlin's involvement. Although he noted the attacker was still unknown, he said "one can figure" who is behind the strike against the websites.
He added the bloc would "mobilize all our resources to help Ukraine to face these cyberattacks."
The websites of the ministry of foreign affairs, the ministry of agriculture and ministry of education went down due to the "massive hacking attack," a spokesman for the foreign ministry tweeted Friday — a day after diplomatic talks between Russia and the West ended in stalemate.
Unidentified hackers defaced and crippled multiple Ukrainian government websites on Friday. "Ukrainians, be afraid and prepare for the worst. All your personal data has been uploaded to the web," a message said in Ukrainian, Russian and Polish, before the page was taken down. The foreign affairs, agriculture and education websites were still down at the time of writing, as were websites of Ukrainian embassies and missions across the world.
The EU on Friday called for the Political and Security Committee (PSC), a body that deals with security and defense, to gather for an emergency meeting to discuss "how we can provide technical assistance to Ukraine to it increase its resilience against these kinds of attacks," Borrell told reporters in Brest, France, on the sidelines of an informal meeting of foreign affairs ministers.
According to some diplomats, no decision is expected at the PSC meeting in the afternoon because Ukraine still has to investigate who is behind the attack and also to indicate what kind of help it needs. Still, a declaration has been proposed and one option is to send experts. Diplomats point out that last month the EU agreed to give €31 million to Ukraine (coming from the European Peace Facility, an off-budget instrument that allows the bloc to do more on defense and security) and is aimed to offer support on cyber.
The bloc's chief diplomat said EU countries involved in a joint military project on cyber defense would be asked to step in and help Ukraine.
Friday's attack has security officials on high alert over what could come next. Ukraine has been the target of massive cyberattacks that were attributed to Russian state-backed groups in the past. Russian officials have been blamed by Western intelligence for shutting down Ukrainian power grids in 2015 and 2016 and unleashing a global ransomware attack called NotPetya from Ukraine in 2017. The EU has sanctions in place on Russian intelligence officials in July 2020 for the latter attack.
While officials haven't called out Russia for perpetrating Friday's cyberattack, it fits the country's strategy as it negotiates with Western powers over an escalating crisis at Ukraine's borders.
"For Russia it's a show of force," said Merle Maigre, the former head of NATO's cyber center of excellence in Tallinn and cybersecurity expert, who has worked in Ukraine. "It's a textbook example of how cyberattacks are part of foreign policy."
But, she added, it was less drastic than would be expected for a military move against Ukraine.
That said, officials do fear the cyberattack could be the precursor of a military operation by Russia.
"We have to be very firm in our messages to Russia that if there are attacks against Ukraine, we would be very harsh and very strong and robust in our response," Sweden's Minister for Foreign Affairs Ann Linde said in Brest, although she also added that "of course, we have to see who is responsible for it."
Her comments were echoed by Marcin Przydacz, Poland’s deputy foreign minister, who told POLITICO that "we need to not only offer our assistance to Ukraine, not only build our European resilience with regard to this sphere but send a clear signal to those who are standing behind this. Further aggressive steps, also those below threshold of war, should meet our political, economic and diplomatic reaction.”
According to Bart Groothuis, a member of the European Parliament and former top cyber official at the Dutch Ministry of Defense, "we have to keep a cool head. You shouldn't send offensive cyber forces but we should speed up support to keep Ukrainian society running."
"What's of key importance now is that EU member states investigate who is behind these attacks, that we uncover this," Groothuis said, because this means the EU can take steps like sanctions and diplomatic pushback. "Without [attribution] we're a toothless tiger."
Jacopo Barigazzi contributed from Brest, France.
Want more analysis from POLITICO? POLITICO Pro is our premium intelligence service for professionals. From financial services to trade, technology, cybersecurity and more, Pro delivers real time intelligence, deep insight and breaking scoops you need to keep one step ahead. Email [email protected] to request a complimentary trial.