UK government publicly blames Russia for NotPetya attacks

News by Robert Abel

The UK government publicly accused Russia of carrying out the June 2017 NotPetya ransomware attacks in June 2017 as part of a deliberate attack on the Ukraine state.

The UK government publicly accused Russia of carrying out the June 2017 NotPetya ransomware attacks in June 2017 as part of a deliberate attack on the Ukraine state.

The decision to publicly blame the Kremlin for the attack was made on the grounds that the government will not tolerate "malicious cyber-activity" Foreign Office Minister of Cyber-security Lord Tariq Ahmad said according to The Daily Telegraph.

"The UK government judges that the Russian government, specifically the Russian military, was responsible for the destructive NotPetya cyber-attack," Ahmad said.

Furthermore, the Foreign Office minister said the attack showed a continued disregard for Ukrainian sovereignty and that the malware's reckless release disrupted organisations across Europe costing hundreds of millions of pounds and positioned Russia in direct opposition to the West.

Russia has denied the claims and said they are ill founded. "We categorically dismiss such accusations; we consider them unsubstantiated and groundless,” Kremlin spokesman Dmitry Peskov said according to the BBC. “It's not more than a continuation of the Russophobic campaign which is not based on any evidence."

The accusations come less than a month after British Defence Secretary Gavin Williamson said Russian cyber-attacks on critical infrastructure could kill thousands. 

In an email to SC Media UK, Steve Malone, director of security product management at Mimecast commented: “The Petya ransomware highlighted the disruptive power ransomware can have. By encrypting and blocking access to files, ransomware can cause massive damage to critical national services and valuable business data.

“No matter the perpetrator of this attack, businesses must look forward and implement a cyber-resilience strategy to avoid becoming the next victim. This should span beyond just security, and include continuity, remediation and recovery to ensure critical services can keep on running, even when the worst happens.”

The US, Canadian and Australian governments echoed the concerns raised, and a subsequent email to SC from Christopher Day, chief cybersecurity officer of Cyxtera noted:“The recent identification from the UK, US, Canada and Australia that the NotPetya attack emanated from Russia remind us that the financial, energy and government sectors continue to face powerful adversaries. The reality is that all organisations, particularly those of national importance, face threat actors that are patient, skilled and disciplined. They have an arsenal of cyber-weapons at their disposal and are capable of releasing malicious code on an industrial scale. 

"It's imperative that we all come together to combat these threats through a combination of tactics, including information-sharing with allies, public condemnation of attacks and adoption of emerging technologies, like a software defined perimeter, that can significantly reduce attack surfaces. Organisations must take steps to stop attackers from gaining unfettered access to unauthorised systems, where they can lie in wait for years before opportunistically launching an attack.”

Find this article useful?

Get more great articles like this in your inbox every lunchtime

Video and interviews