On April 24, the official website of the Ukrainian energy ministry was the victim of a ransomware attack, requesting 0.1 bitcoin for its restoration. The affected web portal, whose content manager is a Drupal, had not been updated with the latest security patches, which helped the attacker to infect it.
According to Ukrainian police spokeswoman Yulia Kvitko, the attack is an isolated incident and the ministry's email system is active. Researchers from the firm AlienVault indicate that the attack had two different stages and probably two attackers, the first only made a defacement and the second attacker was the one who encrypted the website. In addition, the indications are that this attack has been carried out by anonymous cybercriminals and not by an organized group.