The Foreign Office Minister for Cyber Security, Lord Tariq Ahmed, pointed the fingers to the Russian Government as the reason behind the NotPetya cyber-attack. Lord Tariq mentioned that “The UK Government judges that the Russian Government, specifically the Russian military, was responsible for the destructive NotPetya cyber-attack of June 2017…The attack showed a continued disregard for Ukrainian sovereignty. Its reckless release disrupted organizations across Europe costing hundreds of millions of pounds.” And he also elaborated in that “The Kremlin has positioned Russia in direct opposition to the West yet it doesn’t have to be that way. We call upon Russia to be the responsible member of the international community it claims to be rather than secretly trying to undermine it.”
The Work of the GRU, Maybe?
Lord Tariq was not specific about which organization was responsible of the attack, but he pointed the fingers to the whole military. Moreover, the CIA accused the Russian military hackers to be in charge of the NotPetya attacks as a purpose of destroying the financial system of the country. Lord Tariq agrees with the CIA as it seems logical. Finally, the report issued by the CIA claimed that the GRU is responsible for creating the NotPetya malware. In addition, many other agencies believe that the GRU is responsible of many other attacks rather than NotPetya as these attacks were on track with the Russian plans of Crimea.
Ransomware a staple of Criminals, not Spies
Such malware is used by many evil organizations to have access over encrypted files of some people in compensation with money. Researchers believe that the goal is far beyond making easy money and that the true intention was to destroy the financial system of some countries like Ukraine. According to the phases of the attack and the environment, it is crystal-clear that the main target was diminishing the Ukrainian financial system.
The Nation-States Playing the Blame Game
Many companies did not care about whether Russia was responsible for the NotPetya attacks or not, unlike UK, which took the case seriously and started digging for the truth. Since attempting to make such a well-planned attack is completely anonymous, most probably you will find out that the attacker did not make the attack himself, just to be guilty free. The investigators of such cases have no solid clues but some assumptions based on limited information for the companies. Since such smart attacks like NotPetya and BadRabbit cost less money, blood, and effort that actual wars, they will kick in as the new war system.
Related Article: RedDrop Malware affects Android Devices