Diia restores 4 more services after cyberattack on registries
6 January 09:18The Diia portal has restored access to four more services that were down due to a cyberattack on state registries. This was reported by the Diia press service, Komersant ukrainskyi reports.
The State Register of Civil Status Acts (DRACS) is working again. Thus, Diia is restoring access to a number of functions.
In a few clicks, you can now access
- extracts on the place of residence of children;
- update of data on children’s place of residence;
- winter support for children;
- social benefits-subsidies, assistance to families with children.
The portal’s press service claims that they are actively working to restore all services together with the Ministry of Justice.
“We will also promptly inform you about the launch of other services. We would like to remind you that Diia does not store personal data, but only pulls it from the registers,” the statement said.
What is known about the hacker attack
on December 19, Russian hackers announced that they had attacked the digital databases of the Ministry of Justice of Ukraine and posted screenshots of information from them.
The Ministry of Justice itself reported a large-scale failure in the operation of state registries, which will not work at least until the end of the day. According to the ministry, a large-scale failure occurred at the level of the network infrastructure.
The next day, it became known that Russian hackers had carried out the largest attack in the history of independent Ukraine and destroyed a number of data. As a result, employee bookings, LLC registration, online marriage, eVidnuvannya, and other services became temporarily unavailable at Diia. In addition, service centers of the Ministry of Internal Affairs have also suspended some services.
As reported by Kommersant Ukrainian, 27 services have stopped working at Diia.
Diia does not store personal data, but only pulls information from registries, so the portal and app are temporarily down:
- Registration, changes, closure of a sole proprietorship
- Extract from the Unified State Register
- Registration of an LLC
- Transfer of LLC to the model charter
- Construction services
- Booking of employees
- Car re-registration
- Marriage online
- Actual records
- Construction services
- Registration of property ownership
- Information certificate from the State Register of Rights
- Loans to IDPs
- Assistance to persons with disabilities since childhood and children with disabilities
- Assistance to a person who cares for a sick child
- Assistance with the adoption of a child
- Child benefit for a single mother or father
- Construction services
- eHouse
- Reporting damaged/destroyed property
- eRestoration
- eRestoration for business
- Notification of repair work
- Booking by certificate
- International register of losses
- Application for marriage
- Extracts and re-issuance of certificates from the Civil Registry Office.
A large-scale failure at the level of the network infrastructure serving state registries became known on December 19. Later, Olga Stefanishyna reported that Russia had launched a cyberattack on state registries under the jurisdiction of the Ministry of Justice to disrupt critical infrastructure. The registries were temporarily suspended.
Why a cyberattack on state registries became possible
A large-scale cyberattack on the state registries of the Ministry of Justice of Ukraine could have occurred either through phishing or bribery of employees who had access to these registries. This was reported by Oleksandr Fediyenko, chairman of the Subcommittee on Cyberspace Security, Government Communications, Cryptographic Protection of Information of the Verkhovna Rada Committee on National Security, Defense and Intelligence, according to Radio Liberty. According to him, the attack was well prepared, and the login was from a top-level account.
On the eve of the cyberattack, on December 19, NAIS announced that it was carrying out planned technical work, in particular on the USR, the State Register of Civil Status Acts, and the Bankruptcy and Insolvency system.
On the day of the hack, the Russian Telegram channel XakNet Team stated that as a result of the attack on NAIS, hackers had accessed the infrastructure with all the data of the Ukrainian Ministry of Justice. The Russians claimed that after getting into the ministry’s infrastructure, they stole and deleted more than 1 billion lines of data in total, including those stored on a backup server in Poland.