The system of secure access to the Internet network of the State Cybersecurity Center of the State Service for Special Communications and Information Protection recorded and repelled a number of large-scale DDoS attacks aimed at violating the accessibility of web resources of public authorities of Ukraine.

The center specialists determined that the attacks were mounted from a large number of infected botnet hosts that tried to disguise themselves as legitimate traffic from browsers seeking to bypass blocking rules.

A feature of the attack was the implementation of a bot attack with imitation of user behavior along with a blocked DDoS attack.

"The attackers carried out the cyber operation in two stages. During the first stage, they generated a small amount of botnet traffic to check resources for vulnerabilities for several days. The second stage was to generate a large amount of traffic in a short period of time to block access to web resources. The attack peak exceeded 435 Gbps.

According to the State Service for Special Communications, the attacks were mainly mounted using VPN traffic, masquerading as different countries, including Ukraine. However, such manipulations were detected by the center specialists and blocked thanks to the measures taken to additionally configure security policies.

No violation of resource availability has been detected.