All the countries part of the Five Eyes intelligence-sharing alliance — the US, the UK, Canada, Australia, and New Zealand— have made formal statements accusing the Russian Federation of orchestrating the NotPetya ransomware outbreak.
The UK was first to pin the attacks on Russia, earlier this week, when Foreign Office Minister Lord Ahmad said in a press release that an intelligence agency part of Russia's military had created and deployed the NotPetya ransomware in Ukraine, from where it accidentally spread worldwide.
The UK's statement caused a stir, but the country didn't stand alone for long, as the next day, February 15, the White House came out with a similar announcement.
A day after that, on February 16, Canada's Communications Security Establishment, Australia's Minister for Law Enforcement and Cybersecurity, and New Zealand's Government Communications Security Bureau followed suit with similar press releases.
None pointed the finger at a specific Russian military unit but went on record to blame the Russia state for the incident as part of its silent war against Ukraine. A Washington Post article citing CIA sources published in mid-January pegged the Russian Military's Main Intelligence Directorate (abbreviated GRU) as the one department that created NotPetya.
Russia previously denied being behind the attack and did so again this week through its ambassadors in each of the Five Eyes countries.
Ukraine's Secret Service (SBY) accused Russia of orchestrating the NotPetya ransomware outbreak right after the incident, in July 2017.
Besides Ukraine and the Five Eyes members, other countries have not gone on record with formal accusations.
The NotPetya ransomware outbreak took place on June 27, 2017, and targeted mainly Ukrainian companies through a tainted update of a local accounting software. Unfortunately, NotPetya infections spread to other businesses across the world due to shared and interconnected networks. The ransomware is believed to have caused billions of dollars in damages, mainly due to lost activity and delayed goods shipments.
NotPetya was followed by the Bad Rabbit ransomware outbreak on October 24, though less damaging, believed to be a modified version of NotPetya, and which many also suspect Russia may have had a hand in.
Image credits: DIC Entertainment