Ukraine has accused Russia of mounting a “hybrid war” after a massive cyberattack left much of the country without heat, light and access to money.
As around 100,000 Russian troops gather near the border, the country has been “building up its forces” online too, the Ukrainian government said.
Officials in Kiev say they have evidence Moscow was behind the attack, which knocked out key government websites on Friday.
Tensions are high on the Ukrainian border, where the threat of a Russian invasion looms.
Some experts believe the cyberattack was an attempt by president Vladimir Putin to destabilise Ukraine ahead of an invasion.
But BBC cyber reporter Joe Tidy believes it was “more of a coordinated attack by patriotic Russian hackers” rather than a “Kremlin-ordered cyber offensive.”
About 70 government websites were temporarily down, but access to most of the sites was restored within hours.
A message left in the mass web defacement told Ukrainians to “be afraid and expect the worst”.
The attackers claimed to have destroyed data and placed it online, but Ukrainian authorities say this has not happened.
“All evidence indicates that Russia is behind the cyberattack,” the Ministry of Digital Development said in a statement today.
“Moscow continues to wage a hybrid war and is actively building up its forces in the information and cyberspaces.”
The ministry urged people in Ukraine not to panic and said their personal information was secure.
It said the attack was designed to “intimidate society but to also destabilise the situation in Ukraine, halting the work of the public sector and crushing Ukrainians’ trust in the authorities.”
The information ministry pointed out Russian media managed to report news of the attack before Ukrainian outlets.
The Kremlin has denied the claims, saying there is no evidence Russia is responsible.
“We have nothing to do with it, Mr Putin’s spokesperson Dmitry Peskov told CNN.
“Ukrainians are blaming everything on Russia, even their bad weather in their country,” he said.
In a blog post published today, Microsoft said dozens of computer systems at Ukrainian government agencies had been infected with destructive malware disguised as ransomware.
The company said it first detected the malware on Thursday, explaining it was “designed to render targeted devices inoperable rather than to obtain a ransom.”
It said the affected systems “span multiple government, non-profit, and information technology organisations.”
Microsoft said it did not know how many more organisations might be affected, but expects to learn of more infections.
A leading private sector cybersecurity executive in Kiev, Oleh Derevianko, said the intruders penetrated the government networks through a shared software supplier in a supply-chain attack like the 2020 SolarWinds Russian cyberespionage campaign targeting the US government.
In 2017, Russia attacked Ukraine with one of the most damaging cyberattacks on record with the NotPetya virus, causing more than 10 billion US dollars (£7.3 billion) in damage globally.
That virus, also disguised as ransomware, was a so-called “wiper” that erased entire networks.