UB School of Management expert available to discuss Ukrainian website hacking

Hand in front of computer monitor with letters, numbers and password.

Release Date: January 19, 2022

Expect to see a rise in similar cybersecurity attacks in the coming years, Sellitto says.

“For many organizations, it can become like an old cartoon scene: plug the leak in the dam and another leak pops up—eventually, you’re overwhelmed. ”
University at Buffalo School of Management

Dominic Sellitto
Clinical Assistant Professor of Management Science and Systems
University at Buffalo School of Management

Sellitto is an expert in cybersecurity, information assurance, digital forensics and information technology (IT) management.

According to Sellitto, the Ukrainian attack was multi-faceted:

  • A supply chain attack, where a vendor is compromised (a vendor with apparent administrative access, in this case) and the trusted relationship with the vendor is leveraged to launch the attack
  • Exploits of the recently discovered Log4J2 vulnerability, which impacted a large number of systems across the world late last year, and is a software weakness that can allow attackers to take control of computer systems
  • Other attack vectors, including DDoS (Distributed Denial of Service) and malware

“With the ubiquitous availability of technology resources, the cost of conducting these attacks is lower than ever so it makes sense that we would see more attacks that leverage multiple simultaneous, independent attacks like this one,” says Sellitto. “For many organizations, it can become like an old cartoon scene: plug the leak in the dam and another leak pops up—eventually, you’re overwhelmed.”

Sellitto says patch management, supplier security and incident response are critical, and there’s a greater need to prioritize these items in both public and private sectors and adapt them for the increasing velocity of attacks.

“We continue to have serious problems with securing critical public infrastructure,” says Sellitto.

“In the case of the Ukrainian websites, the attacks seem, at least initially, designed to disrupt and deface, but we’ve already seen instances of more harmful attempts by hackers,” he says, citing the attempted lye-poisoning attack on the water supply in Oldsmar, Florida, in early 2021.

To schedule an interview with Professor Sellitto, contact Kevin Manne, assistant director of communications, at 716-645-5238 or kjmanne@buffalo.edu.

The UB School of Management is recognized for its emphasis on real-world learning, community and economic impact, and the global perspective of its faculty, students and alumni. The school also has been ranked by Bloomberg Businessweek, Forbes and U.S. News & World Report for the quality of its programs and the return on investment it provides its graduates. For more information about the UB School of Management, visit management.buffalo.edu.

Media Contact Information

Kevin Manne
Associate Director of Communications
School of Management