BREAKING— The UK has become the first major Western country to formally accuse the Russian military of orchestrating and launching the NotPetya ransomware outbreak.
"The UK Government judges that the Russian Government, specifically the Russian military, was responsible for the destructive NotPetya cyber-attack of June 2017," said Foreign Office Minister Lord Ahmad in a statement published online a few minutes ago.
"The attack showed a continued disregard for Ukrainian sovereignty. Its reckless release disrupted organisations across Europe costing hundreds of millions of pounds," Lord Ahmad added.
"The Kremlin has positioned Russia in direct opposition to the West yet it doesn’t have to be that way," Lord Ahmad also said. "We call upon Russia to be the responsible member of the international community it claims to be rather then secretly trying to undermine it."
The UK Foreign Office Minister did not specifically point the finger at any specific entity of the Russian military, but a Washington Post article citing CIA sources published in mid-January pegged the Russian Military's Main Intelligence Directorate (abbreviated GRU) as the one department that created NotPetya.
A report authored by the Estonian Foreign Intelligence Service claims that the GRU military spy agency is also behind APT28, a cyber-espionage unit also known as Fancy Bear, responsible for hacks all over the world, including the infamous DNC hack.
Ukraine's Secret Service (SBY) has not been shy about blaming Russia for the NotPetya ransomware incident, going public with their accusations just days after the incident.
Lord Ahmad's statement was also accompanied by a note from the UK's National Cyber Security Centre which said it "assesses that the Russian military was almost certainly responsible for the destructive NotPetya cyber-attack."
The NotPetya ransomware outbreak took place on June 27, 2017, and targeted mainly Ukrainian companies through a tainted update of a local accounting software. Unfortunately, NotPetya infections spread to other businesses across the world due to shared and interconnected networks.
NotPetya was followed by the Bad Rabbit ransomware outbreak on October 24, though less damaging, believed to be a modified version of NotPetya, and which many also suspect Russia may have had a hand in.