Ukrainian state and banking services were restored on April 28, 2025, following a power outage at the De Novo data center in Kyiv that disrupted critical infrastructure for nearly 48 hours. The incident, initially attributed to a UPS failure, occurred against a backdrop of coinciding DDoS attacks and geopolitical tensions, raising questions about hybrid warfare tactics1.
Technical Breakdown of the Incident
The outage began on April 26 when De Novo’s uninterruptible power supply (UPS) malfunctioned, causing a 15-minute gap in backup systems. This affected cloud-dependent services including the Diia government app, Oschadbank, and logistics provider Nova Poshta2. While CEO Maksym Ahieiev confirmed the cause as technical, Ukrainian Cyber Police simultaneously debunked a fake SMS campaign claiming ATM outages, and the State Service of Special Communication (DSSZZI) reported “powerful DDoS attacks” during the same period3, 4.
Geopolitical Context and Parallel Incidents
The outage coincided with a mass blackout in Spain and Portugal on April 28, though investigations found no evidence linking the two events5. Contrasts emerged in infrastructure resilience: Ukraine’s post-2022 cloud migration limited physical risks, while Iberia’s traditional grid suffered cascading failures. Historical precedents include Russian-linked DDoS attacks during Ukraine’s 2022 invasion and the 2024 Parkovy data center hack6.
| Aspect | Ukraine | Spain/Portugal |
|---|---|---|
| Cause | Technical (UPS failure) | Grid failure (unknown) |
| Duration | ~48 hours | Ongoing (hours) |
| Cyber Links | DDoS coinciding | None confirmed |
Security Implications and Response
Cloudflare CTO John Graham-Cumming noted attackers avoided Cloudflare-protected Ukrainian targets, suggesting strategic target selection6. The incident highlighted vulnerabilities from reduced U.S. cybersecurity aid and underscored the need for redundant systems in conflict zones. Mitigation steps included:
- Validating backup power systems for critical infrastructure
- Monitoring for coordinated cyber-physical disruptions
- Enhancing public communication during crises
Olena Prokopenko of the German Marshall Fund observed:
“Since Russia’s invasion, Ukraine has moved critical services to the cloud to protect against physical destruction.”
Conclusion
The De Novo outage demonstrates how technical failures in high-risk regions can amplify geopolitical tensions. While no cyberattack was confirmed, the parallel DDoS activity and historical context warrant continued vigilance in infrastructure monitoring and threat attribution.
References
- “Ukrainian state and banking services restored after data center outage,” The Record, 2025.
- “Ukrainian cloud provider De Novo experiences power outage,” Data Center Dynamics, 2025.
- Ukrainian Cyber Police Twitter update on fake SMS campaign, 2025.
- DSSZZI Twitter update on DDoS attacks, 2025.
- “Large parts of Spain, Portugal hit by power outage,” Reuters, 2025.
- “More than 70 Ukrainian government websites defaced in cyber attacks,” NPR, 2022.
