Ukraine isn’t hesitating to point fingers following a major cyberattack that hobbled dozens of government websites. As The Guardianreports, Ukraine’s digital transformation ministry has blamed Russia for the hack, accusing the country of fighting a “hybrid war” meant to “destabilize” an already tense situation and erode trust in the Ukranian government. While officials didn’t elaborate on the evidence linking the attack to Russia, Microsoft shared details late Saturday that suggested a hostile nation was responsible.
The company’s Threat Intelligence Center noted that the code was purely destructive malware disguised as ransomware. It had a ransom note, a Bitcoin wallet and an encrypted messaging identifier, but no recovery mechanism — in fact, it wipes the Master Boot Record (the hard drive element that tells a PC how to load the OS) and downloads malware meant solely to corrupt files. All known targets are in Ukraine, and there aren’t any tangible links between this campaign and other groups.
Russia denied any involvement in the cyberattack. A spokesperson for President Putin said Ukraine pinned everything on Russia, “even the weather.” Russia has long been accused of using cyberattacks to target its political opponents, including Ukraine, the US and European countries.
Microsoft said it wasn’t certain about the current stage of the hacking operation or the scope of the damage. It wasn’t yet clear if there were other victims in Ukraine or beyond. However, it’s safe to presume the timing of the attack is problematic regardless of the perpetrator. Ukraine and its allies have been worrying for months about signs of a looming Russian invasion, and the US on January 14th claimed Russia was planning a false flag operation that would help it justify that invasion. The cyberattack appears to be exacerbating those tensions, and may have weakened Ukraine’s government infrastructure at a critical moment.