Aug 20 2017

A Virus from the Cold

Dan

Blog post image

Last June 27, computer systems across the world were attacked with a ransomware virus that would infiltrate a network, infect computers and hopelessly encrypt the data contained therein, while displaying a message requesting the victim to send 300 dollars (USD) in Bitcoins to an anonymous email address in order to receive the key to decrypt the affected hard disk. That attack was especially successful across the NHS (National Health System) in the United Kingdom. But while the scope of the attack appeared to be global, one country appeared to be specifically targeted, and that was Ukraine.


The Ukrainian government spared no words in denouncing the attack that could have had crippling consequences. According to the Head of the Service on Issues of Information Security of the NDSC Staff, Valentin Petrov, that virus attack was a “political move” that should be considered an element of a hybrid war as an attempt to harm and destabilize the situation in Ukraine. According to him, the attack affected governmental bodies, banking institutions, industrial facilities and other elements critical to the country’s infrastructure. He also added that, despite the panic mood, the attackers did not manage to inflict much harm.


Despite this attempt to destabilize, disrupt and extort victims, Mr. Petrov also said that the attack was not particularly profitable to the perpetrators. According to the National Police, only 28 persons resorted to paying the $300 extortion fee in order to have their computers decrypted. Which probably means that, in this case, the profit amounted to much less than the resources spent to create such a sophisticated attack. He also added that the attack affected more private entities and individuals than the public infrastructure itself.


The authorities also pointed out that even the name of the virus shows the political implications of the action. The attack happened on the eve of Constitution Day in Ukraine. Also, that coincided with the violent escalation of events in eastern Ukraine as a leader of the Main Intelligence Department was killed in Kiev and a car with servicemen was blown up in the ATO (Anti-Terrorist Operations) zone. Mr. Petrov concluded that they can see a systemic destabilization campaign and that the virus attacks are a full part of the logic of their adversary’s actions.


He outlined that the high level of flexibility of such attacks demand that qualified staff is available to investigate such cases. And Mr. Petrov also added that western partners are helping Ukraine defend itself against cyberattacks. In particular, along with NATO, Ukraine is implementing a cybersecurity project. They are working in conjunction with NATO, the US and the United Kingdom. And he reminded that similar attacks were carried out in December 2015 and December 2016. He summarized, “That is why it should be considered in the context of the hybrid war as an attempt to harm and destabilize the situation in Ukraine”.


The good news is that Tenex Developers has a robust and solid set of cybersecurity solutions. We are here to help. If you want to conduct business free from the stress of threats and dangers, give us a call or send us an e-mail and we will demonstrate how we can secure your precious assets and the information they contain.