/ Cyber Snippets

UK blames Russia for last year’s NotPetya cyber attack

The UK government has officially accused Russia of last June’s NotPetya ransomware attack.

What happened?

The malware attack hit businesses with strong trade links to the Ukraine, such as TNT and Danish shipping giant Maersk.

The attack also hit Ukraine’s radiation monitoring system at the Chernobyl Nuclear Power Plant.

Similar to the WannaCry ransomware attack that occurred the month before, the attack was based on a modified version of the Peta ransomware, and uses the EternalBlue exploit found in older versions of Microsoft Windows.

When Petya is executed, it encrypts part of the hard drive, forcing the computer to restart.

Security experts found that the kind of Petya used had been modified and was subsequently named NotPetya or Nyetna to distinguish it from the original malware.

In this instance it displayed a message to users, informing them that their files were now encrypted and that they should send US$300 in bitcoin to one of three wallets in return for unencrypted files.

An unusual step?

Yes, it is not often that the UK Government attributes blame in such a public way and Defence Secretary Gavin Williamson said that Russia was “ripping up the rule book” and that the UK was duty-bound to respond.

Lord Ahmed of Wimbledon, a Foreign Office minister, said that the UK’s decision to identify the Kremlin underlined the fact that the government will not tolerate “malicious cyber activity.”

Was it Russia?

As you can imagine, Russia has denied responsibility and pointed out that Russian firms were among those hit by the attack, which cost companies $1.2 billion in all.

Russian experts believe that around 2,000 attacks were launched and that they targeted Ukrainian government networks and other assets belonging to the country.

Read more