Captain Planet screenshot

All the countries part of the Five Eyes intelligence-sharing alliance — the US, the UK, Canada, Australia, and New Zealand— have made formal statements accusing the Russian Federation of orchestrating the NotPetya ransomware outbreak.

The UK was first to pin the attacks on Russia, earlier this week, when Foreign Office Minister Lord Ahmad said in a press release that an intelligence agency part of Russia's military had created and deployed the NotPetya ransomware in Ukraine, from where it accidentally spread worldwide.

The UK's statement caused a stir, but the country didn't stand alone for long, as the next day, February 15, the White House came out with a similar announcement.

The attack, dubbed “NotPetya,” quickly spread worldwide, causing billions of dollars in damage across Europe, Asia, and the Americas.  It was part of the Kremlin’s ongoing effort to destabilize Ukraine and demonstrates ever more clearly Russia’s involvement in the ongoing conflict.  This was also a reckless and indiscriminate cyber-attack that will be met with international consequences.

All Five Eyes members follow suit

A day after that, on February 16, Canada's Communications Security Establishment, Australia's Minister for Law Enforcement and Cybersecurity, and New Zealand's Government Communications Security Bureau followed suit with similar press releases.

None pointed the finger at a specific Russian military unit but went on record to blame the Russia state for the incident as part of its silent war against Ukraine. A Washington Post article citing CIA sources published in mid-January pegged the Russian Military's Main Intelligence Directorate (abbreviated GRU) as the one department that created NotPetya.

Russia previously denied being behind the attack and did so again this week through its ambassadors in each of the Five Eyes countries.

Ukraine was first to blame Russia in July 2017

Ukraine's Secret Service (SBY) accused Russia of orchestrating the NotPetya ransomware outbreak right after the incident, in July 2017.

Besides Ukraine and the Five Eyes members, other countries have not gone on record with formal accusations.

The NotPetya ransomware outbreak took place on June 27, 2017, and targeted mainly Ukrainian companies through a tainted update of a local accounting software. Unfortunately, NotPetya infections spread to other businesses across the world due to shared and interconnected networks. The ransomware is believed to have caused billions of dollars in damages, mainly due to lost activity and delayed goods shipments.

NotPetya was followed by the Bad Rabbit ransomware outbreak on October 24, though less damaging, believed to be a modified version of NotPetya, and which many also suspect Russia may have had a hand in.

But NotPetya is not the first ransomware that's been attributed to a country's government. The US and the UK had previously accused North Korea of being behind the WannaCry ransomware outbreak.

Image credits: DIC Entertainment

Related Articles:

Moscow's New Cable Car System Infected with Ransomware the Day After it Opens

SEO Poisoning Campaign Targeting U.S. Midterm Election Keywords

U.S. Ballistic Missile Defense Systems Fail Cybersecurity Audit

The Week in Ransomware - December 14th 2018 - Slow Week

Company Pretends to Decrypt Ransomware But Just Pays Ransom