Accessibility links

Breaking News

Ukraine Alleges Moscow Behind Massive Cyberattack


Razvan Muresan, a Bitdefender public relations specialist, is backdropped by a screenshot of the message displayed on computers affected by the latest cyberattack, in Bucharest, Romania, June 28, 2017. A new, highly virulent strain of malicious ransom so
Razvan Muresan, a Bitdefender public relations specialist, is backdropped by a screenshot of the message displayed on computers affected by the latest cyberattack, in Bucharest, Romania, June 28, 2017. A new, highly virulent strain of malicious ransom so

A Ukraine official claimed Wednesday that Russia was behind the previous day’s cyberattack that crippled computers in government ministries and power grid facilities, banks, even at Kyiv’s international airport.

Oleksandr Turchinov, secretary of Ukraine’s National Security and Defense Council, made the allegation after Tuesday’s cyberattack that ultimately hit companies around the world in an incident that was similar to a ransomware attack last month that targeted hospitals in Britain.

The cyberattack, which Prime Minister Volodymyr Groysman called “unprecedented,” was caused by a variant of a computer virus known as Petya, which threatens to wipe the infected computer clean of data unless the user pays a ransom in untraceable bitcoins. But the ransomware was just a ruse, according to some experts; the real goal of the hackers was to destroy data, they say.

No proof or claim of responsibility

While there is no proof or claim of responsibility behind Tuesday’s attack, Ukraine officials cited strong circumstantial evidence linking the widespread assault to Russia.

Russia was blamed for a massive cyberattack on neighboring Estonia in 2007, and U.S. authorities, as well as private firms, have blamed Russia for carrying out a number of cyberattacks in connection with United States’ 2016 presidential election. Kyiv has blamed previous cyberattacks on its infrastructure and power grid on Russia, which annexed Ukraine’s Crimea peninsula in 2014.

Investigators work at the scene of a car bomb explosion which killed Maxim Shapoval, a high-ranking official involved in military intelligence, in Kyiv, Ukraine, June 27, 2017.
Investigators work at the scene of a car bomb explosion which killed Maxim Shapoval, a high-ranking official involved in military intelligence, in Kyiv, Ukraine, June 27, 2017.

The attacks also followed the assassination Tuesday of a Ukrainian military intelligence officer in a car bomb in Kyiv. Authorities have called the bombing an act of terrorism. That Wednesday was Constitution Day, a public holiday in Ukraine, led some to speculate that the Petya cyberattacks were a “present” from Russia.

Other experts have noted, however, that the attacks hit targets in other European countries. Russian state oil giant Rosneft reported it had fallen victim to the same ransomware virus.

Burden of proof

Anton Nossik, often called “the father of the Russian internet” and the founder of Lenta.ru and many other known Russian news sites, has doubts about links to Moscow.

“The burden of proof lies with the Ukrainian authorities, who never bothered to provide any evidence before voicing accusations,” Nossik said.

He said Ukrainian authorities should have listened to information technology experts’ warnings about ransomware threats, such as the so-called WannaCry cryptoworm that attacked computer systems worldwide in May.

“Exploit tools are out there in the open, any school kid can use them against whoever forgot to patch his OS. If some government offices happen to neglect the very basic safety measures, they are vulnerable, and Kremlin is not to blame,” Nossik said.

Doubts expressed

Alexander Litreev, a Russian internet security expert, also expressed doubts that the attack was state-sponsored.

“I do not know why the Ukrainian authorities have drawn conclusions about Russia’s involvement in this cyberattack, at the moment, there is no information to confirm or deny these statements. There are no signs of Russian involvement yet,” Litreev said.

While Litreev said he did not yet see signs of state involvement, he did say “the code was written by professionals.”

“The primary purpose, in my opinion, was to hit the largest number of devices possible,” he said.

According to Litreev, fraud was the primary goal for the WannaCry ransomware, but not for Petya.

As for the origin of the attacks, Litreev said it is too early to determine what person or group might have been involved.

“We can’t tell for sure if this is the work of a state, a small group of people, or even a single person. We are looking into it,” he said.

XS
SM
MD
LG