The U.K. government, backed by an assessment made by its National Cyber Security Centre, stated yesterday that the Russian military was “almost certainly” responsible for the June 2017 NotPetya cyber attacks, mainly aimed at the Ukraine. The White House backed up the U.K.’s claim, saying that the NotPetya ransomware attack led to over a billion dollars’ worth of damage across Europe, Asia and the Americas.
Around 2,000 NotPetya related attacks were launched last summer against primary targets of the financial, energy and government sectors in the Ukraine; and spread to secondary targets of businesses with strong trade links with Ukraine. These included Danish shipping giant Maersk, British Reckitt Benckister, and Dutch delivery firm TNT. The indiscriminate design of the NotPetya virus caused it to spread more widely and affect the operations of other European and Russian businesses.
The U.K. said it believed the attacks were part of the long-standing conflict between Russia and the Ukraine since Moscow annexed Crimea in 2014. Lord Tariq Ahmad, Minister of State for the Commonwealth and the UN at the Foreign and Comonwealth Office said the attack displayed a continued disregard for Ukranian sovereignty.
“The NotPetya attack saw a malicious data encryption tool inserted into a legitimate a piece of software used by most of Ukraine’s financial and government institutions,” the NCSC noted. “The malware was not designed to be decrypted. This meant that there was no means for victims to recover data once it had been encrypted. Therefore, it is more accurate to describe this attack as destructive than as ransomware.” The NCSC added, “Several indicators seen by the NCSC demonstrated a high level of planning, research, and technical capability.”
U.K. Defense Secretary Gavin Williamson took the unusual step of making a public accusation against a foreign state for a cyberattack, and said the U.K. would respond to the fact that Russia was “ripping up the rule book”. A statement from the White House followed, saying, “In June 2017, the Russian military launched the most destructive and costly cyber attack in history. This was also a reckless and indiscriminate cyber attack that will be met with international consequences.”
Russia dismissed the claims as “groundless”, pointing to the fact that Russian businesses were also victims of the NotPetya attacks. “It’s not more than a continuation of the Russophobic campaign,” Kremlin spokesman Dmitry Peskov said.