US, Britain blame Russia for 'NotPetya' ransomware attack

'It was part of the Kremlin's ongoing effort to destabilize Ukraine'

Afp February 16, 2018

WASHINGTON: The United States and Britain on Thursday blamed the Russian military for last year's devastating "NotPetya" ransomware attack, calling it a Kremlin effort to destabilize Ukraine which spun out of control.

Statements from Washington and London said Russia would face ramifications for the attacks that crippled computer networks in the United States and Europe, including those of some big corporations.

A White House statement, echoing one from Britain's Foreign Office hours earlier, pointed the finger at the Russian military for the June 2017 attack and called it "the most destructive and costly cyber attack in history," resulting in billions of dollars in economic losses.

China and Russia developing ‘destructive’ weapons for space conflict, warns US

"It was part of the Kremlin's ongoing effort to destabilize Ukraine," the US statement said.

The White House added that "NotPetya," which hit thousands of computer systems and caused damage across Europe, Asia, and the Americas, was a "reckless and indiscriminate cyber attack that will be met with international consequences."

Earlier in London, Foreign Office Minister for Cyber Security Tariq Ahmad said the British government decided to publicly attribute the blame, underscoring that Britain and its allies "will not tolerate malicious cyber activity."

"Primary targets were Ukrainian financial, energy and government sectors," the British statement said, adding that NotPetya's "indiscriminate design caused it to spread further, affecting other European and Russian business."

British Defence Secretary Gavin Williamson said the attack was further evidence of a "new era of warfare," with "a destructive and deadly mix of conventional military might and malicious cyber attacks."

Russia "is ripping up the rule book by undermining democracy, wrecking livelihoods by targeting critical infrastructure and weaponizing information," he said.

The accusation was immediately denied by the Kremlin.

"We categorically reject such accusations. We consider them unsubstantiated and groundless," Kremlin spokesperson Dmitry Peskov told journalists.

"This is nothing but a continuation of a Russophobic campaign that is not based on any evidence," he said.

The attack blocked thousands of computers worldwide, particularly affecting multinational companies and critical infrastructure, such as radiation monitors at the old Chernobyl nuclear power plant and the ports of Mumbai and Amsterdam.

Companies hit included the Russian oil group Rosneft, Danish shipping company Maersk, US pharmaceutical giant Merck, French construction specialist Saint-Gobain and the British advertising firm WPP.

Ukraine, which is battling Russia-backed rebels in a conflict that has killed more than 10,000 people, was the worst affected country.

Banking operations were compromised in what authorities said was an unprecedented attack, which even disrupted arrivals and departures informations at the capital's main Boryspil airport.

The virus, which demanded a payment worth $300 as it locked up files at companies and government agencies, was reminiscent of the WannaCry ransomware attack that swept the world a month earlier in May 2017, hitting more than 200,000 users in more than 150 countries.

Britain and the United States have blamed North Korea for the WannaCry attack, saying it may have been an attempt by the isolated communist regime to access foreign currency.

The NotPetya attack appeared smaller in scale, with global cybersecurity firm Kaspersky Lab estimating there were thousands of victims.

Comparing it to WannaCry, the director of European police agency Europol, Rob Wainwright, said at the time that NotPetya showed "indications of a more sophisticated attack capability intended to exploit a range of vulnerabilities."

The public accusations come amid rising tensions over Russia's cyber activities, amid fears of a disinformation effort led by Moscow aimed at disrupting the 2016 US election and stoking political divisions.

Social media automated accounts or "bots" believed to be directed from Moscow have been blamed for efforts to manipulate public opinion in the United States and elsewhere.

UK blames Russia for cyber attack, says won't tolerate disruption

Some British politicians have accused Russia of attempts to disrupt the democratic process in Britain by online interference in political campaigns such as the 2016 Brexit referendum and a 2017 general election.

Speaking on Wednesday, John Chipman, director of the International Institute of Strategic Studies, said Russia was engaged in "capabilities beyond conventional military force that are easier to develop and deploy unaccountably."

"There is still no effective response from the West either in the form of countermeasures or sanctions," he said.


Replying to X

Comments are moderated and generally will be posted if they are on-topic and not abusive.

For more information, please see our Comments FAQ