The NoName ransomware group has reportedly launched a series of attacks targeting several Ukrainian government websites, including Accordbank, Zaporizhzhya Titanium-Magnesium Plant, State Tax Service, Central Interregional Tax Administration, Western Interregional Tax Administration, and the Main Directorate of the State Tax Service in Kyiv. The group claimed responsibility for the attacks on their dark web leak portal, where they posted a list of the alleged victims. Screenshots from the dark web reveal a message stating, “We continue to nightmare Ukrainian sites.” The affected websites displayed various error messages, including bad gateway and “403 Forbidden,” impacting essential services like the State Tax Service.
The NoName ransomware group’s attack on Ukrainian government sites seems to involve a Distributed Denial of Service (DDoS) component, further complicating the situation. The dark web leak portal showcased a list of their recent victims, indicating a continued onslaught on Ukrainian online entities. The interconnected nature of the affected tax administration websites suggests that the attack on Ukraine’s State Tax Service had a cascading effect on linked sites. The consequences of such cyberattacks on critical government infrastructure highlight the vulnerabilities that persist in the digital landscape and the potential for widespread disruption.
The targeted Ukrainian government entities, including financial institutions and tax services, faced significant disruptions as their websites displayed error messages and became inaccessible. The “403 Forbidden” error on Accordbank’s website and the prolonged response time on the State Tax Service’s site reflect the impact of the ransomware attack. The interconnectedness of these government sites underscores the broader ramifications of such cyber threats on essential services, emphasizing the urgency of robust cybersecurity measures to safeguard critical infrastructure from malicious actors.