Russian Hackers Breach Ukraine’s Digital Infrastructure, Impacting Diia Mobile ID

A cyberattack attributed to Russian hackers has disrupted Ukraine’s government services and compromised sensitive personal data stored in state registries. The attack targeted databases under the Justice Ministry containing property records and biometric data, affecting the country’s digital infrastructure including the Diia mobile application, which serves as Ukraine’s primary digital identity and e-government platform.

The Justice Ministry reported last month that several critical databases were taken offline, preventing citizens from accessing basic administrative functions like filing legal claims or registering marriages. While officials assured that access to Diia would be restored, the incident exposed vulnerabilities in the app’s centralized backend platform, Trembita. This breach represents the most significant attack on Ukraine’s digital infrastructure since the platform’s launch in 2020.

Trembita functions as a digital communication network connecting government databases and enabling Diia’s operations. Though officials maintain that Trembita performed as designed during the attack, former Ukrainian security official Mykyta Knysh identified the centralized infrastructure as a significant “single point of failure.” Security experts had previously cautioned in 2021 that consolidating sensitive data under Diia could create vulnerabilities to large-scale breaches.

The Russian hacking group XakNet claimed responsibility for the attack. As Kyiv Independent reports, Ukraine’s Ministry of Digital Transformation, which has spearheaded the country’s rapid digitalization efforts, has focused on consolidating government services into a smartphone-based model under the Zelensky administration. Cybersecurity consultant Karla Wagner characterized this as “very, very fast progress” that left certain vulnerabilities unaddressed.

The compromised registries contained personal addresses, family relationships, and asset information. Security analysts indicate this data could potentially enable identification and targeting of Ukrainian military or government personnel, while also facilitating future cyberattacks, identity theft, and phishing campaigns. The breach is particularly concerning given Ukraine’s increasing reliance on digital identity systems for accessing government services and managing civilian and military operations.

The Justice Ministry has announced plans to restructure its digital infrastructure through a “Pentagon of registries” initiative, which aims to create a more distributed and resilient system architecture. However, Wagner questioned the substance of these measures, suggesting authorities should address fundamental weaknesses in Ukraine’s digital systems to prevent future breaches. The incident highlights the ongoing challenges of balancing rapid digital transformation with robust security measures in a conflict zone.

Sources: Kyiv Independent

–

January 21, 2025 – by Cass Kennedy