KIEV, July 3 - Ukraine has accused Russian security service of being behind a major cyber attack that crippled operations around the world earlier this week, The Independent reported.
Ukraine’s security service, the SBU, has determined that the attack, which appeared to begin in Ukraine before spreading across the globe on Tuesday, was orchestrated by the same hackers who attacked the Ukrainian power grid in December 2016.
“The available data, including those obtained in cooperation with international antivirus companies, give us reason to believe that the same hacking groups are involved in the attacks, which in December 2016 attacked the financial system, transport and energy facilities of Ukraine using TeleBots and BlackEnergy,” the SBU said in a statement.
“This testifies to the involvement of the special services of Russian Federation in this attack.”
The SBU had also said on Friday that it had seized equipment it claimed belonged to Russian agents in May and June to launch cyber attacks against Ukraine, as well as other countries.
Ukrainian politicians were also quick to lay blame for last week’s attack on Russia, but a Kremlin spokesman dismissed the allegations as “unfounded blanket accusations.”
Cyber security firms are working to figure out who was behind the virus, dubbed Petya, which shut down computers, affected banks and brought operations at a Cadbury chocolate factory in Australia to a standstill.
The attack also affected major Russian firms, leading some cyber security researchers to believe it unlikely that Moscow could be behind the attack.
Experts have said that the software appeared to be part of a plan to crash as many systems, companies and countries as possible.
While the software appeared to operate as ransomware, demanding that users pay $300 (£227) to get their files back, making a payment wasn’t actually possible, suggesting that the ransom demands may have been a way of masking the true motives of those behind the malware.
The SBU also said in a statement on Saturday that the ransom demand was a cover, asserting that the attack was instead aimed at disrupting the operations of state and private companies in Ukraine and causing political instability.
“The main purpose of the virus was the destruction of important data, disrupting the work of public and private institutions in Ukraine and spreading panic among the people,” the SBU said.
“It is clear that this was targeted indiscriminately at Ukrainian businesses, and the Ukrainian government,” Jake Williams, president of the security firm Rendition Infosec and a former member of the US National Security Agency’s elite cyberwarfare group told Associated Press earlier this week. (in/ez)