Britain has publicly blamed the Russian military for a global cyber attack that cost international businesses an estimated $1.2bn last June.
The malicious NotPetya software chiefly affected Ukraine, with the nation’s government, finance and energy institutions falling prey to the attack.
Global companies with offices in Ukraine, including FedEx, Merck and Maersk, were also affected. Maersk lost $300m in revenue as a result of the incident.
In an unusual direct admonishment of the Kremlin, Lord Tariq Ahmad, the UK foreign office’s minister for cybersecurity, called Russia ‘almost certainly’ responsible for the ‘reckless’ attack and said the behaviour demonstrated ‘a continued disregard for Ukrainian sovereignty.’
‘The Kremlin has positioned Russia in direct opposition to the West, yet it doesn’t have to be that way. We call upon Russia to be the responsible member of the international community it claims to be rather than secretly trying to undermine it,’ he said.
Russia is ‘ripping up the rule book,’ says Defence Secretary
Defence Secretary Gavin Williamson said that the cyber attacks presented a real threat to national security and that the UK had a duty to respond.
‘Russia is ripping up the rule book by undermining democracy, wrecking livelihoods by targeting critical infrastructure, and weaponising information’, Williamson said.
Russia has denied responsibility for launching the cyber attack and has noted that Russian firms were among those whose systems were affected by the virus last year. The malware spread across over 64 countries, including the UK, and worked by destroying rather than ransoming sensitive company data, a trait that made it particularly costly and devastating.
‘The malware was not designed to be decrypted. This meant that there was no means for victims to recover data once it had been encrypted,’ noted Britain’s National Cyber Security Centre.
It is the first time that the UK has publicly blamed Russia for starting a cyber attack and only the second time it has levelled such accusations at any nation - the first time being against North Korea, condemned by the government for the WannaCry ransomware attack that caused severe issues for the NHS in May 2017.
Sign-up to our weekly cybersecurity news digest
Want to read more stories like this? Our weekly news digest helps to keep you up-to-date with cybersecurity news stories relevant to the legal sector.
Sign-up to our email list