Ukraine: Russian security services were behind cyberattack

Containers are stacked up, Thursday, June 29, 2017, in Elizabeth, N.J., as a truck drives by at Port of Elizabeth, which reports say had trouble with a cyberattack. The dramatic data-scrambling attack that hit computers around the world Tuesday appears to be contained. But with the damage and disruption still coming into focus, security experts worry the sudden explosion of malicious software may have been more sinister than a criminally minded shakedown of computer users. (AP Photo/Julio Cortez)

MOSCOW (AP) — Ukraine accused the Russian security services Saturday of planning and launching a cyberattack that locked up computers around the world earlier this week.

The Ukrainian security agency, known as the SBU, alleged in a statement that similarities between the malicious software and previous attacks on Ukrainian infrastructure revealed the work of Russian intelligence services.

The SBU added that the attackers appeared uninterested in making a profit from the ransomware program and were more focused on sowing chaos in Ukraine.

There was no immediate official response from Russia’s government, but Russian lawmaker Igor Morozov told the RIA Novosti news agency that the Ukrainian charges were “fiction” and that the attacks were likely the work of the United States.

Ukraine was the country most affected by the attack using a strain of malware known by names including NotPetya. Beginning Tuesday, computers across Ukraine at government agencies, energy companies and banks were disabled as their data was encrypted amid demands for ransom payments.

Two cybersecurity outfits have publicly tied the NotPetya malware to hacking groups that many other experts in turn believe are linked to Russian intelligence operations.

Russian anti-virus company Kaspersky Lab has identified similarities between NotPetya and BlackEnergy, a sophisticated malware assumed to have been used in a series of cyberattacks on Ukrainian infrastructure in recent years.

“There are several parts of the code and strings that are shared,” Vyacheslav Zakorzhevsky, the head of Kaspersky’s anti-virus research department, told The Associated Press on Saturday. “These families are connected.”

ESET, a Slovakian cybersecurity firm, said the cyberattacks did not come out of nowhere.

“This was not an isolated incident. This is the latest in a series of similar attacks in Ukraine,” ESET said in a Friday report , suggesting the reason other countries were hit was because the hackers had underestimated the power of their malware and it had spun out of control.

Attributing cyberattacks is a particularly difficult process, but Ukraine has repeatedly accused Russia of sponsoring electronic intrusions, including the hack of Ukraine’s voting system ahead of a 2014 national election and assaults that knocked parts of its power grid offline in 2015 and 2016. Relations between the two countries collapsed when Russia annexed Ukraine’s Crimean Peninsula in 2014 and began backing separatists fighting Ukrainian forces in the country’s east.

Major companies beyond Ukraine that reported being hit by NotPetya included Danish shipping giant A.P. Moller-Maersk, Russian state-owned oil behemoth Rosneft and FedEx subsidiary TNT.

Several of those affected are still struggling to get back online. A.P. Moller-Maersk’s chief operating officer, Vincent Clerc, has told The Wall Street Journal that he expects his firm to return “to some kind of normalcy” by Monday.

On the streets of Kiev, Ukraine’s capital, there were signs that Ukraine had yet to fully recover from the attack as well.

Alexander Havrilenko, 43, said his wife hadn’t been paid as expected because her office at Ukraine’s state-owned Oschadbank was still closed.

“She was told to come in Wednesday — maybe,” he said.

As for who was responsible, Havrilenko didn’t hesitate to echo the Ukrainian government’s line.

“It’s Russia,” he said. provides commenting to allow for constructive discussion on the stories we cover. In order to comment here, you acknowledge you have read and agreed to our Terms of Service. Commenters who violate these terms, including use of vulgar language or racial slurs, will be banned. Please be respectful of the opinions of others and keep the conversation on topic and civil. If you see an inappropriate comment, please flag it for our moderators to review.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s