- The White House blamed Russia for the devastating “NotPetya” cyberattack that crippled business and infrastructure last year.
- The US said the attack “part of the Kremlin’s ongoing effort to destabilize Ukraine,” which was the hardest hit.
- The US’s condemnation of Russia came after the UK issued a similar public attribution.
The White House on Thursday blamed the Russian government for the “NotPetya” cyberattack that crippled businesses and critical infrastructure last June.
The Russian military “launched the most destructive and costly cyber-attack in history,” White House press secretary Sarah Huckabee Sanders said in a statement.
“The attack, dubbed ‘NotPetya,’ quickly spread worldwide, causing billions of dollars in damage across Europe, Asia, and the Americas,” the statement continued. “It was part of the Kremlin’s ongoing effort to destabilize Ukraine and demonstrates ever more clearly Russia’s involvement in the ongoing conflict. This was also a reckless and indiscriminate cyber-attack that will be met with international consequences.”
The attack used a ransomware worm whose targets included Ukrainian banks and airports, the Russian state-owned oil giant Rosneft, the British advertising company WPP, the US pharmaceutical giant Merck, and the shipping company A.P. Moller-Maersk, which said every branch of its business was affected.
NotPetya used a zero-day exploit developed by the National Security Agency known as EternalBlue to spread. Zero-day exploits are tools that take advantage of software vulnerabilities hackers can use to get into computer programs and data. EternalBlue exploits a loophole in Microsoft Windows and was part of a slew of NSA cyberweapons posted online last April by the Kremlin-allied hacker group Shadow Brokers.
The US’s condemnation of Russia for the attack came shortly after the United Kingdom issued a similar statement, saying the Russian military was “almost certainly” responsible for the assault.
British officials said the government’s decision to publicly blame Russia for NotPetya was meant to solidify the UK’s and its allies’ position “that malicious cyber activity will not be tolerated.”
Though Russian businesses were affected, Ukraine was by far the hardest hit by the attack, which came one day before the country’s Constitution Day.
Russia and Ukraine’s relations have seen a steep decline since Russia annexed the territory of Crimea in 2014 and steadily pursued greater military aggression toward its neighbour.
“The first thing that raises a red flag to me is that, right now, Ukraine’s main antagonist is Russia,” Alex McGeorge, the head of threat intelligence at Immunity, Inc., said in an interview last year.
McGeorge said the methodology of the attack also “gives a really good and stable foothold on networks that would matter to somebody who was interested in attacking Ukraine.”
“If I’m interested in disrupting Ukraine, this is great for me,” he said.
Anton Gerashchenko, an adviser to Ukraine’s interior minister, wrote in a Facebook post that the attack was “the largest in the history of Ukraine.”
In 2015, a massive cyberattack leveled against the country’s power grid cut electricity to almost 250,000 Ukrainians. Cybersecurity experts linked the attack to IP addresses associated with Russia. Since then, Wired magazine’s Andy Greenberg reported last year, Ukraine has seen a growing crisis in which an increasing number of Ukrainian corporations and government agencies have been hit by cyberattacks in a “rapid, remorseless succession.”
Ukraine is now host to what may turn into a full-blown cyberwar, Greenberg reported. Two separate attacks on the country’s power grid were part of what Greenberg called a “digital blitzkrieg” waged against it for the past four years, which multiple analysts have connected to Russian interests.
“You can’t really find a space in Ukraine where there hasn’t been an attack,” Kenneth Geers, a NATO ambassador focusing on cybersecurity, told Wired.
Business Insider Emails & Alerts
Site highlights each day to your inbox.