Jan 13, 2018 - World

Russia behind NotPetya cyberattack in Ukraine, CIA concludes

Vladimir Putin.

Vladimir Putin. Photo: Mikhail Svetlov / Getty Images

The CIA concluded that Russian military hackers were responsible for a cyberattack that disabled computers in Ukraine last year, The Washington Post’s Ellen Nakashima reports, citing U.S. intelligence officials referencing a classified report.

Why it matters: Experts believe Russia is using Ukraine as a testing ground for future cyberattacks, so the way it behaves in Ukraine is worth watching. The tactic here is notable as well: the hackers launched the attack using what appeared to be ransomware, which would make it appear is if they were criminal hackers.

Takeaway: This suggests attribution of cyberattacks, already difficult to accomplish, may be becoming an even more counterintuitive process as hackers adopt more deceptive methods.


  • The CIA reportedly concluded in November with “high confidence” that the GRU military spy agency created NotPetya, per the WaPo.
  • This would not be the first time Russia is at least suspected of having gone after Ukraine. Recall the 2015 attack on Ukraine that shut off its power grid.

The CIA declined to comment to the WaPo.

Context: Russia has long viewed Ukraine as a part of Russia and sees it as an important geopolitical asset between NATO and Russia. But since the 2000s, Russia has seen what appears to be a westernization of Ukraine. After the upheaval in 2014 in Ukraine, conflict broke out between Russia and Ukraine and cyberattacks with links to Russia have been involved almost from the very beginning.

Go deeper: Russia’s test ground for cyberwarRussian hackers targeting U.S. Senate ahead of 2018 midterms ... The world’s top cyber powers

Go deeper