Ukraine accuses Russia of planning major cyberattack

Russia is planning to carry out a massive cyberattack on enterprises and companies in Ukraine, said Serhiy Demedyuk, Chief of Ukraine’s Cyberpolice. According to him, the authorities have information that the attack will be carried out in one day.

The Russian hackers intend to infect Ukrainian companies and state institutions with malware in order to gain covert access to their resources and later to carry out a large-scale attack on them, Demedyuk told Reuters.

The cyberpolice chief says that the Ukrainian organizations that have encountered this problem belong to various sectors, from banks to infrastructural facilities. Kyiv first detected signs of the hackers’ activity at the start of this year.

The malware specimens which have already been analyzed by the Ukrainian Cyberpolice indicate that the perpetrators intend to activate it on a certain day, and that the attack being planned will be on the same scale as the distribution of the NotPetya virus, which affected state institutions and companies in many countries.

Operating on such a scale would not be possible without state-level support, Demedyuk asserts, referring specifically to Russia. “Everything we see, everything we have intercepted in this period: 99% traces back to Russia,” the chief of cyberpolice affirmed.

Demedyuk believes that this time round, Ukraine is better prepared to repel the attack. Ukraine is collaborating with other countries’ intelligence agencies, he said, but did not specify which particular agencies or countries.

At the end of May, the US-based network hardware company Cisco and its Talos cybersecurity division warned that a major cyberattack was being planned using the VPN Filter program. Talos specialists said that they had documented the infection of at least 500,000 devices in 54 countries, including Ukraine. The Security Service of Ukraine declared this “another act of cyber-agression” by Russia against Kyiv.

The widespread cyberattack through the NotPetya virus took place on June 27, 2017, primarily affecting Russia and Ukraine. Among the prominent victims were the computer systems of the Ukrainian government, the Kyiv Boryspil International Airport, the Ukrainian Postal Service, Ukrtelecom, the Ministry of Infrastructure, and bank organizations. In Russia, the virus affected Rosneft, Bashneft, and the Home Credit Bank. There were also reports of computers being affected in other countries. The virus blocked the companies’ internal networks, demanding a ransom of $300 worth of Bitcoin in order to unblock them.

The US, UK and several other western countries blamed Russia for the attack. Moscow categorically denied the allegations.

  Russia, Ukraine, cyber attack