X

Ukraine fears a coordinated hacking attack from Russia

A Ukrainian official told Reuters it's seeing a pattern of hacking that reminds them of last year's NotPetya attack.

Laura Hautala Former Senior Writer
Laura wrote about e-commerce and Amazon, and she occasionally covered cool science topics. Previously, she broke down cybersecurity and privacy issues for CNET readers. Laura is based in Tacoma, Washington, and was into sourdough before the pandemic.
Expertise E-commerce, Amazon, earned wage access, online marketplaces, direct to consumer, unions, labor and employment, supply chain, cybersecurity, privacy, stalkerware, hacking. Credentials
  • 2022 Eddie Award for a single article in consumer technology
See full bio
Laura Hautala
2 min read
James Martin/CNET

Ukrainian companies are finding increasing amounts of malicious software planted on their computer systems, which the government says points to a coordinated effort to launch a major attack in the future, Reuters reported Tuesday.

It's reminiscent of the kind of activity the country's government saw in 2017, before hackers released the ransomware virus NotPetya on the Ukraine in June. The attack spread internationally, infecting companies like Danish shipping giant Maersk, US drug company Merck and a Cadbury Creme Egg facility in Australia. The virus locked down computers and demanded a ransom paid in bitcoin. The US, Ukraine and UK attributed the attack to Russian government hackers, and the US sanctioned Russia.

goldeneye-ransomware-note

A screenshot of the message seen by victims of the NotPetya ransomware attack.

 Bitdefender

Ukraine's cyber police chief, Serhiy Demedyuk, told Reuters the attack it thinks is brewing right now could play out in a similar way.

"Analysis of the malicious software that has already been identified and the targeting of attacks on Ukraine suggest that this is all being done for a specific day," Demedyuk told Reuters. He also said digital fingerprints on the intrusions point to Russia as the source.

The Russian embassy and the Ukrainian national police didn't immediately respond to requests for comment on this story.

Ukraine's concerns point to the larger threat of the chaos ransomware can bring. If victims don't have their files backed up, they face the question of whether to pay up or lose everything. Even if they pay, the hackers might not choose to -- or not be able to -- give them their files back. And if dozens of companies around the world are dealing with these problems at the same time, it can cause a major disruption.

Even without government-sponsored hackers in the mix, ransomware is a serious threat to computer users everywhere. Cybercriminals are so into this form of hacking that other cybercriminals run services online to help them carry out the attacks.

However, cybersecurity companies have seen conflicting data on whether ransomware attacks have remained popular among cybercriminals. A group of researchers at computer security firm Malwarebytes have seen diminishing numbers of such attacks on the systems they help protect. But in its annual data breach report, Verizon said ransomware infections doubled in 2017 and made up 39 percent of malware infections in its data set.

CNET Magazine: Check out a sample of the stories in CNET's newsstand edition.

Fight the Power: Take a look at who's transforming the way we think about energy.