A Ukraine official claimed Wednesday that Russia was behind the previous day’s cyberattack that crippled computers in government ministries and power grid facilities, banks, even at Kyiv’s international airport.
Oleksandr Turchinov, secretary of Ukraine’s National Security and Defense Council, made the allegation after Tuesday’s cyberattack that ultimately hit companies around the world in an incident that was similar to a ransomware attack last month that targeted hospitals in Britain.
The cyberattack, which Prime Minister Volodymyr Groysman called “unprecedented,” was caused by a variant of a computer virus known as Petya, which threatens to wipe the infected computer clean of data unless the user pays a ransom in untraceable bitcoins. But the ransomware was just a ruse, according to some experts; the real goal of the hackers was to destroy data, they say.
No proof or claim of responsibility
While there is no proof or claim of responsibility behind Tuesday’s attack, Ukraine officials cited strong circumstantial evidence linking the widespread assault to Russia.
Russia was blamed for a massive cyberattack on neighboring Estonia in 2007, and U.S. authorities, as well as private firms, have blamed Russia for carrying out a number of cyberattacks in connection with United States’ 2016 presidential election. Kyiv has blamed previous cyberattacks on its infrastructure and power grid on Russia, which annexed Ukraine’s Crimea peninsula in 2014.
The attacks also followed the assassination Tuesday of a Ukrainian military intelligence officer in a car bomb in Kyiv. Authorities have called the bombing an act of terrorism. That Wednesday was Constitution Day, a public holiday in Ukraine, led some to speculate that the Petya cyberattacks were a “present” from Russia.
Other experts have noted, however, that the attacks hit targets in other European countries. Russian state oil giant Rosneft reported it had fallen victim to the same ransomware virus.
Burden of proof
Anton Nossik, often called “the father of the Russian internet” and the founder of Lenta.ru and many other known Russian news sites, has doubts about links to Moscow.
“The burden of proof lies with the Ukrainian authorities, who never bothered to provide any evidence before voicing accusations,” Nossik said.
He said Ukrainian authorities should have listened to information technology experts’ warnings about ransomware threats, such as the so-called WannaCry cryptoworm that attacked computer systems worldwide in May.
“Exploit tools are out there in the open, any school kid can use them against whoever forgot to patch his OS. If some government offices happen to neglect the very basic safety measures, they are vulnerable, and Kremlin is not to blame,” Nossik said.
Alexander Litreev, a Russian internet security expert, also expressed doubts that the attack was state-sponsored.
“I do not know why the Ukrainian authorities have drawn conclusions about Russia’s involvement in this cyberattack, at the moment, there is no information to confirm or deny these statements. There are no signs of Russian involvement yet,” Litreev said.
While Litreev said he did not yet see signs of state involvement, he did say “the code was written by professionals.”
“The primary purpose, in my opinion, was to hit the largest number of devices possible,” he said.
According to Litreev, fraud was the primary goal for the WannaCry ransomware, but not for Petya.
As for the origin of the attacks, Litreev said it is too early to determine what person or group might have been involved.
“We can’t tell for sure if this is the work of a state, a small group of people, or even a single person. We are looking into it,” he said.