Armed police in Kyiv, saying they acted to prevent another major cyberattack, have raided a software firm that supplies Ukraine's most widely used tax and accounting programs.
Police equipped for combat seized computer servers Tuesday at the main office in Ukraine's capital of software company M.E.Doc. Employees stood by calmly as officers carrying assault weapons and clad in camouflage gear carted away the computer equipment.
"We prevented the initiation of a second wave of viruses," a police spokesman said Wednesday. He added that investigators had already found "evidence of Russian presence on these servers," but he gave no further details.
Ukraine blamed the Kremlin for the cyberattack, but Russia has denied any involvement.
M.E.Doc ("My Electronic Document"), whose programs reputedly are installed on more than a million computer systems, denied any connection to the malware that paralyzed government and business computer networks in Ukraine and more than a dozen other countries, beginning on June 27.
However, the company admitted Wednesday that it had been invaded by hackers in a "backdoor" attack on its servers, and that it was the inadvertent source of the malware, a virus named as "NotPetya" by some computer security experts.
M.E.Doc's chief executive, Olesya Bilousova, told reporters there was a continuing risk, and that any computer on a network that has used the tax and accounting software remained vulnerable to attack. "We need to pay the most attention to those computers which weren't affected [last week]," she said in Kyiv.
"The virus is on them, waiting for a signal," Bilousova said. "There are fingerprints on computers which didn't even use our product."
The cyberattack is estimated to have caused millions of dollars in damage to the infected networks, and some victims have not yet been able to regain access to their data. The unidentified hackers are said to have posted a message online Wednesday offering to unlock and unscramble data stored on infected computers in return for a substantial ransom, payable in the digital currency bitcoin.
The exact motive for the cyberattack is unclear. Despite the hackers' demand for financial payments, experts in Ukraine and the United States have suggested the "ransomware" may have been a disguised attempt to destroy data and sow chaos.
