Feb 15, 2018 - World

U.K. points finger at Russia for massive NotPetya attacks

Man in silhouette in front of screen projecting NotPetya ransom screen.

NotPetya malware wiped hard drives disguised as the Petya ransomware. Photo: Alexander Ryumin / Getty

The British National Cyber Security Centre said Thursday that "the Russian military was almost certainly responsible" for the disastrous NotPetya malware attack.

Why it matters: NotPetya created massive global damage last June, with $300 million to shipping giant Maersk alone. But, cybersecurity firm ESET calculated that 80% of its damages were centered in Ukraine. That was by design. The malware was affixed in an update to accounting software M.E.Doc, which is widely and almost exclusively used in Ukraine.

Deja Vu: Russia is linked to a large number of cyberattacks against its European neighbors, with particular venom towards the former Soviet Bloc and especially Ukraine. The country has faced several blackouts caused by cyberattacks believed to be launched by Moscow, and believes Russia almost comedically botched an election hacking scheme in 2014.

NotPetya is presented as ransomware, a high tech extortion scheme where malware encrypts files and charges users for the decryption key. But in this case, NotPetya was deliberately capable of decrypting files, even if the user paid. Most experts believe NotPetya was intended to cause damage rather than make money.

Go deeper