Current Affairs / Not just a ransomware attack: Petya cyber-attack was meant to destabilise Ukraine
Not just a ransomware attack: Petya cyber-attack was meant to destabilise Ukraine
29 June 2017 |
Hackers behind the Petya ransomware attack that compromised Ukraine's power grid, its central bank and two postal services, used a tax filing software to spread the germ with devastating effect, say experts.
The affected tax filing software is installed on Ukrainian government computers and is also used by thousands of businesses for tax filing purposes.
The Petya malware attack, unlike WannaCry, didn't just encrypt files stored in computers but systematically destroyed large networks owned and run by the Ukrainian government and it's allied agencies which included the country's central bank.
The malware later spread to other countries in Europe as well as to the United States, affecting operations of global firms like Danish shipping company Maersk, Russian oil giant Rosneft, aircraft manufacturer Antonov, US pharmaceutical giant Merck as well as its subsidiary Merck Sharp & Dohme (MSD) in the UK.
“This isn’t about the money. This attack is about disabling how large companies and governments can operate. You get a double whammy of the initial cyber attack and then organizations being forced to shut down their operations,” said Brian Lord, a former deputy director of intelligence and computer operations at Britain’s Government Communications Headquarters to The New York Times.
U.S. based technology company Cisco is presently assisting Ukraine's cyber security authorities in determining the source of the cyber-attack that virtually brought down the country's connected infrastructure this week. According to The New York Times, as many as 1,500 businesses had reported computer intrusions to the police. Ukrainian authorities are convinced that the cyber-attack was sponsored by Russia, even though the source of the attack hasn't been determined as yet.
M.E.Doc, the company that manufactures the tax filing software, is also cooperating with the Ukrainian police on the investigation. The software is based on the Windows operating system but Microsoft has said that it “now has evidence that a few active infections of the ransomware initially started from the legitimate M.E.Doc updater process.”
“War in cyberspace, seeding fear and horror among millions of personal computer users, and inflicting direct material damage from destabilizing the work of businesses and the state, is just one part of the hybrid war of the Russian empire against Ukraine,” said Ukrainian member of Parliament Anton Gerashenko.
"A cyber attack with the ultimate goal of an attempt to destabilize the situation in the economy and public consciousness of Ukraine was disguised as an attempt to extort money from computer owners," he added.
Gerashenko added that the cyber-attack had destabilised operations in banks, media organisations, communication facilities, transport, telecommunications, and energy departments. Among the hardest hit were Ukr telecom, Dniproenergo, Ukrzaliznytsia, Boryspil Airports, and the Cabinet of Ministers of Ukraine.
Latest posts by Jay Jay (see all)
- Europol busts international e-commerce fraud ring, arrests 95 fraudsters - 22nd June 2018
- Infosec professionals believe nation-state attacks will rise this year - 22nd June 2018
- Flightradar24 data breach exposed email IDs & hashed passwords of 230,000 customers - 22nd June 2018
- Islington Council asked residents to share credit card details in plain text - 21st June 2018
- Cyber criminals leveraging fake Fortnite for Android apps to generate clicks - 21st June 2018