Disruption comes as tensions with Russia escalate, as NATO and EU promise to help Kyiv weather further attacks.
A massive cyberattack left Ukrainian government websites temporarily unavailable on Friday, officials said.
While it was not clear who was behind the cyberattack, the disruption came amid heightened tensions with Russia and after talks between Moscow and the West failed to yield any significant progress this week.
Ukrainian Foreign Ministry spokesman Oleg Nikolenko told The Associated Press news agency it was too soon to tell who could have been behind the attack, “but there is a long record of Russian cyber-assaults against Ukraine in the past”.
Moscow has previously denied involvement in cyberattacks against Ukraine.
The websites of the country’s cabinet, seven ministries, the treasury, the National Emergency Service and the state services website, where Ukrainians’ electronic passports and vaccination certificates are stored, were temporarily unavailable on Friday as a result of the hack.
The websites contained a message in Ukrainian, Russian and Polish, saying that Ukrainians’ personal data has been leaked into the public domain.
“Be afraid and expect the worst. This is for your past, present and future,” the message read, in part.
Ukraine’s State Service of Special Communication and Information Protection said no personal data has been leaked. Most affected websites were restored later on Friday and no critical infrastructure was affected.
Oleh Derevianko, a leading private sector expert and founder of the ISSP cybersecurity firm, said the timing of the defacement and the provocative message could be important.
It could be “part of a planned hybrid attack or longer term and more sophisticated cyber-operation which is under way but has not culminated”, said Derevianko, adding the main question is whether this is a standalone hacktivist action or part of a larger state-backed operation.
Tensions between Ukraine and Russia have been running high in recent months after Moscow amassed an estimated 100,000 soldiers near Ukraine’s border, stoking fears of an invasion.
Moscow said it has no plans to attack and rejects Washington’s demand to pull back its forces, saying it has the right to deploy them wherever necessary.
The Kremlin has demanded security guarantees from the West that NATO deny membership to Ukraine and other former Soviet countries and roll back the alliance’s military deployments in Central and Eastern Europe. Washington and its allies have refused to provide such pledges, but said they are ready for the talks.
NATO Secretary-General Jens Stoltenberg said on Friday that in the coming days “NATO and Ukraine will sign an agreement on enhanced cyber-cooperation, including Ukrainian access to NATO’s malware information sharing platform”.
European Union foreign policy chief Josep Borrell said the bloc is ready to mobilise resources to improve Ukraine’s capacity to weather cyberattacks.
“Sadly, we expected this could happen,” he said.
Asked who could be behind the attack, Borrell said: “I can’t point at anybody because I have no proof, but one can imagine.”
Russia has a long history of launching aggressive cyber-operations against Ukraine, including a hack of its voting system ahead of the 2014 national elections and an assault on the country’s power grid in 2015 and 2016. In 2017, Russia unleashed one of the most damaging cyberattacks on record with the NotPetya virus that targeted Ukrainian businesses and caused more than $10bn in damage globally.
In a separate development, Russia on Friday said it had dismantled the prominent hacking group REvil, which carried out a high-profile attack last year on IT software company Kaseya, following a request from Washington.
Cybersecurity was one of the main issues on the agenda of a summit meeting between Russian President Vladimir Putin and US President Joe Biden last June.
Russia’s Federal Security Service (FSB) said in a statement that it had “suppressed the illegal activities” of members of the group during raids on 25 addresses that swept up 14 people.
The searches were carried out following an “appeal from the relevant US authorities”.