Ukraine is not shy about pointing the finger at a major cyberattack that has hampered dozens of government websites. Like The Guardian reports, Ukraine’s digital transformation ministry blamed Russia for the hack, accusing the country of waging a “hybrid war” intended to “destabilize” an already tense situation and erode trust in the Ukrainian government. Although officials did not specify evidence linking the attack to Russia, Microsoft shared details late Saturday that suggested a hostile country was responsible.
The company’s Threat Intelligence Center noted that the code was purely destructive malware disguised as ransomware. It had a ransom note, bitcoin wallet, and encrypted email id, but no recovery mechanism – in fact, it erases the Master Boot Record (the hard drive item that tells a PC how to load the system from exploitation) and downloads malware intended only for corrupted files. All known targets are in Ukraine, and there are no tangible links between this campaign and other groups.
Russia has denied any involvement in the cyberattack. A spokesman for President Putin said Ukraine blamed everything on Russia, “even the weather.” Russia has long been accused of using cyberattacks to target its political opponents, including Ukraine, the United States and European countries.
Microsoft said it was unsure of the current status of the hacking operation or the extent of the damage. It was not yet clear if there were other victims in Ukraine or beyond. However, it is safe to assume that the timing of the attack is problematic, regardless of the perpetrator. Ukraine and its allies have been concerned for months about signs of an impending Russian invasion, and the United States claimed on January 14 that Russia was planning a false flag operation that would help justify the invasion. The cyberattack appears to exacerbate these tensions and may have weakened Ukraine’s government infrastructure at a critical time.