Ukraine detected a new wave of Petya on M.E.doc servers

Jul 5, 2017 08:52 GMT

WannaCry and Petya ransomware claimed hundreds of thousands of victims across the world, with the latter said to be primarily aimed at Ukraine, and authorities in the country blaming state actors, including Russia, for launching the massive cyber-attacks.

And according to Ukrainian officials, a third major attack was supposed to launch last week, but it was blocked before it started spreading across systems in the country.

Ukrainian Interior Minister Arsen Avakov said in a Facebook post that a new wave of the Petya ransomware was projected to start spreading in the country’s networks last week.

“The attack’s peak was planned to take place at 4 p.m. [13:00 GMT]. The attack started at 13:40. The cyberpolice blocked the mailing and activation of the virus from the servers of the information system M.E. Doc. The attack was stopped,” Avakov was quoted as saying in a Facebook post.

On the other hand, the company behind M.E.doc, the electronic accounting software that was used for launching the Petya (also known as NotPetya) ransomware attack, says its servers haven’t been used to spread the infection, adding that even its own computers were compromised.

The Ukrainian police have, however, seized computers to investigate the cyber-attacks, with early evidence indicating possible connections with Russia, local officials have said. There was a total of 2,108 reports of attacks, and a total of 66 criminal cases were opened by the police.

NATO: Ransomware could trigger Article 5

Ukraine isn’t the only one claiming that the recent ransomware attacks were launched by state-sponsored hackers. In a recent statement, the North Atlantic Treaty Organization (NATO) revealed that it found evidence that the cyber-attacks involved at least one country, though no specifics were provided in this regard.

NATO issued a warning to nations launching cyber-attacks, claiming that such attempts could trigger Article 5 if they cause consequences similar to those of an armed attack.

“There is a lack of a clear coercive element with respect to any government in the campaign, so prohibited intervention does not come into play. As important government systems have been targeted, then in case the operation is attributed to a state this could count as a violation of sovereignty. Consequently, this could be an internationally wrongful act, which might give the targeted states several options to respond with countermeasures,” said Tomáš Minárik, researcher at NATO CCD COE Law Branch.

While blamed by many for launching ransomware attacks, Russia itself struggled to deal with Petya, with several companies in the country said to have systems in their networks compromised by the virus.