The Russia connectionU.K.: Russia launched last June’s costly NotPetya cyberattacks

Published 16 February 2018

Russian military hackers were behind the NoPetya cyberattack on Ukraine that spread globally last year, the British government said. The United States said June’s NotPetya ransomware attack caused billions of dollars in damage across Europe, Asia, and the Americas. U.K. Defense Secretary Gavin Williamson said Russia was “ripping up the rule book” and the U.K. would respond.

Foreign Office Minister Lord Ahmad yesterday attributed the NotPetya cyber-attack to the Russian government. The U.K. government said that the decision to publicly attribute this incident underlines the fact that the United Kingdom and its allies will not tolerate malicious cyberactivity.

The U.S. and U.K. intelligence agencies have attributed a massive ransomware attack from 2017 to the Russian military. It was carried out by hackers working for the GRU, the Russian military intelligence branch. GRU hackers, and hacking groups working for the GRU, were behind the Kremlin’s hacking and disinformation campaign to help Donald Trump win the 2016 presidential election.

The NotPetya ransomware targeted companies in Ukraine, attacking its government, financial and energy institutions last June. It ended up causing collateral damage to global companies with offices in Ukraine, including Maersk, FedEx and Merck. The cyberattack ended up costing Maersk up to $300 million in lost revenue.

The attack masqueraded as a criminal enterprise, but its purpose was principally to disrupt. Primary targets were Ukrainian financial, energy and government sectors. Its indiscriminate design caused it to spread further, affecting other European and Russian business.

The Trump administration released a statement on Thursday calling it the “most destructive and costly cyber-attack in history,” noting that it caused billions of dollars of damage in Europe, Asia and the Americas.

Foreign Office Minister for Cyber Security Lord (Tariq) Ahmad of Wimbledon said:

The U.K. government judges that the Russian Government, specifically the Russian military, was responsible for the destructive NotPetya cyber-attack of June 2017.

The attack showed a continued disregard for Ukrainian sovereignty. Its reckless release disrupted organisations across Europe costing hundreds of millions of pounds.

The Kremlin has positioned Russia in direct opposition to the West yet it doesn’t have to be that way. We call upon Russia to be the responsible member of the international community it claims to be rather then secretly trying to undermine it.

The United Kingdom is identifying, pursuing and responding to malicious cyber activity regardless of where it originates, imposing costs on those who would seek to do us harm. We are committed to strengthening coordinated international efforts to uphold a free, open, peaceful and secure cyberspace.

“The U.K.’s National Cyber Security Center assesses that the Russian military was almost certainly responsible for the destructive NotPetya cyber-attack of June 2017,” the government said. “Given the high confidence assessment and the broader context, the UK government has made the judgement that the Russian government – the Kremlin – was responsible for this cyber-attack.”