Home>CERT-LatestNews>Petya ransomware: Ukraine blames Russia for carrying out cyber attack

Petya ransomware: Ukraine blames Russia for carrying out cyber attack

CERT-LatestNews Malware Security News ThreatsCybercrime ThreatsStrategic Uncategorized
Home > News > Petya ransomware: Ukraine blames Russia for carrying out cyber attack

Ukraine claims that the ransomware attack was not driven by financial motive, but to create panic.


In light of the recent cyber attacks which took down global systems, Ukraine has pointed fingers at Russian Security Services for spreading the virus with the aim of spreading panic and destroying important data. The ransomware, dubbed ‘Petya’, originated in Ukraine earlier last week, and spread around the world, including India. The SBU, Ukraine’s state security service, claimed that the attack was carried out by the same hackers who attacked the country’s power grid in December a year ago.

The ransomware infects users’ system by encrypting the hard drive, and denying the user access to the system while rendering the computer unusable until the $300 ransom is paid. The attack infected Windows systems and hit banks, shipping, and a number of businesses. While Ukrainian politicians blamed Russia for the ransomware attack, a Krelim spokesman dismissed the claims as “unfounded blanket accusations,” Reuters reports. It is worth noting that the same attack also took down a number of Russian firms, leading some experts to suggest that it wasn’t actually a state-sponsored attack.

Cyber security firms are still trying to discover the real culprit behind the massive attack, which took place on the heels of WannaCry, a similar ransomware attack that took down global systems last month. It is worth mentioning that the political relationship between Ukraine and Russia have been soiled following Moscow’s annexation of Crimea in 2014, and the recent Kremlin-back separatist insurgency in eastern Ukrain that took over 10,000 lives.

In a situation of political unrest, it is quite evident to have feelings of hostility. Ukraine claims that hacking the state institutions is part of the Russia’s ‘hybrid war’ on Kiev. However, Russia stands in clear denial of the claims. ALSO READ: Petya ransomware follows WannaCry’s footsteps; here’s what the experts have to say

The SBU claims that the available data, including those obtained in cooperation with international antivirus companies, leads to the belief that the same hacking groups are involved in the attacks, which attacked the financial system, transport and energy facilities of Ukraine using TeleBots and BlackEnergy in 2016 and led to a loss of about one-fifth of the country’s power consumption. It may be recalled that attack which led to a blackout in the country was found to be linked to other similar attacks in the past.

The SBU claims to have seized equipment linked to the latest attacks which it said belonged to Russian agents. The agency further says that the ransom demand of $300 was not the actual aim of the attack. The virus in fact was aimed to destruct important data, disrupt work of public and private institutions in Ukraine, and lead to panic. RELATED: Indian government pushing Microsoft to roll out discounted Windows upgrades

Although Kremlin continues to reject the claims, cyber-security firm ESET in Slovakia appears to second Ukraine’s claims after it discovered that the Telebots groups was behind the attack. The same group has links to BlackEnergy. The firm said that the TeleBots group continues to evolve in order to conduct disruptive attacks against Ukraine,” adding that the hackers apparently underestimated the malware’s spreading capabilities and hence it went out of control and started targeting businesses. ALSO READ: Petya ransomware attack: India worst hit in Asia-Pacific, 7th most affected globally