The British government has accused Moscow of being behind the NotPetya malware, which caused serious damage to computer systems in Europe last June.
“We have entered a new era of warfare, witnessing a destructive and deadly mix of conventional military might and malicious cyberattacks,” said British Defence Minister Gavin Williamson.
Russia is ripping up the rule book by undermining democracy, wrecking livelihoods by targeting critical infrastructure and weaponising information … We must be primed and ready to tackle these stark and intensifying threats, Williamson said.
The UK government provided no technical evidence, but said it relies on an analysis by the National Cybersecurity Center (NCSC), the country’s digital protection division within the GCHQ, the UK’s powerful electronic intelligence service. The NCSC says it is “almost certain” of Russian responsibility.
Tariq Ahmad, the state secretary for foreign affairs in charge of cybersecurity issues, accused the Russian army in particular, and said he sees the attack as evidence of Moscow’s “perpetual disregard” of Ukrainian sovereignty.
The initial target of NotPetya was a Ukrainian accounting firm. Through its software, which is widely used in Ukraine, a virus was spread that initially appeared to be ransomware, which that locks a computer and asks for a ransom in exchange for data recovery.
Spreading very quickly across the country, it in turn affected many companies in Europe and around the world, including the delivery giant FedEx and the shipping company Maersk.
After being analysed, it turned out that NotPetya was not in fact a classic ransomware, but a virus intended purely to destroy the data of the infected computers making the affected companies collateral victims of a suspected cyber aggression against Ukraine.
The Russian authorities have “flatly denied” any involvement in spreading the virus, calling the British government’s statements “without evidence and unfounded”.