Slashdot Mirror

← Back to Stories (view on slashdot.org)

The Petya Ransomware Is Starting To Look Like a Cyberattack in Disguise (theverge.com)

Posted by msmash on from the new-twist dept.

Further research and investigation into Petya ransomware -- which has affected computers in over 60 countries -- suggest three interesting things: 1. Ukraine was the epicentre of the attack. According to Kaspersky, 60 percent of all machines infected were located within Ukraine. 2. The attackers behind the attack have made little money -- around $10,000. Which leads to speculation that perhaps money wasn't a motive at all. 3. Petya was either "incredibly buggy, or irreversibly destructive on purpose." An anonymous reader shares a report: Because the virus has proven unusually destructive in Ukraine, a number of researchers have come to suspect more sinister motives at work. Peeling apart the program's decryption failure in a post today, Comae's Matthieu Suiche concluded a nation state attack was the only plausible explanation. "Pretending to be a ransomware while being in fact a nation state attack," Suiche wrote, "is in our opinion a very subtle way from the attacker to control the narrative of the attack." Another prominent infosec figure put it more bluntly: "There's no fucking way this was criminals." There's already mounting evidence that Petya's focus on Ukraine was deliberate. The Petya virus is very good at moving within networks, but initial attacks were limited to just a few specific infections, all of which seem to have been targeted at Ukraine. The highest-profile one was a Ukrainian accounting program called MeDoc, which sent out a suspicious software update Tuesday morning that many researchers blame for the initial Petya infections. Attackers also planted malware on the homepage of a prominent Ukraine-based news outlet, according to one researcher at Kaspersky. Ars Technica has more.

5 of 182 comments (clear)

  1. Russians by 110010001000 · · Score: 4, Interesting

    So the Russians did it?

    1. Re:Russians by edis · · Score: 2, Interesting

      point is just to cause damage

      Not the only point. Days before this outbreak, I happened to read articles, plain stating, that Ukraine is a country turned by Russia into test battlefield of cyberwar (and other kinds of modern war, as per their definition, BTW). Which was proved once again. Russia flexes its muscles both in operation, in damage, and in getting away with it. The same pattern of pushing the limits where they did their dirty act, yet remain difficult to name and be punished - it repeats all over. This pattern is by now well recognizable. It is the same, as throw chunks of army over the border for couple of "training" days, then withdraw them and get away like there was no war. Direct their "polite" military without identification to "help with voting" at neighboring country.

      Their problem, however, is that these patterns are more recognizable, as more instances have been applied. Element of surprise has worn, it is of little secret now, what is Russia Today.

      --
      Servant of karma
  2. The Growing Cyber War by Frosty+Piss · · Score: 5, Interesting

    I suspect that Russia's growing use of "cyber war" tactics against its enemies will eventually backfire in the political arena. They really can't expect that governments, both friend and foe, will not start to lean on them in a more forceful way. I think and all-out âoecyber warâ between a growing number of countries would be very very very bad for everyone.

    --
    If you want news from today, you have to come back tomorrow.
    1. Re:The Growing Cyber War by MightyMartian · · Score: 4, Interesting

      The Obama Administration alluded to consequences at the time. A good many anti-Obama and pro-Russia types (there seem an unusual amount of both on here) seem to forget that everyone knew for months BEFORE the election that the Russians were trying to screw over the US election, and since then we've seen them do it in other Western countries.

      I simply do not understand the willingness of some to condemn the United States and act like cheerleaders for Russia. Russia has been the West's enemy for decades, and even during the brief periods of reasonably good relations over the last few centuries, neither side has ever particularly trusted the other.

      --
      The world's burning. Moped Jesus spotted on I50. Details at 11.
  3. Re:Ready Set Go by Oswald+McWeany · · Score: 5, Interesting

    It doesn't always "have to be Putin" but there is a reason why it frequently is Russia.

    1) They have the resources. No country has a better human resource for hacking than Russia. They have a large highly trained tech-savvy population. They've put more effort into teaching people to be computer literate than almost anywhere else. They also have a wild-west type law enforcement that overlooks a lot of hacking and allows people to hone their skills that way.

    2) They have a motive. Russia is semi-openly hostile to most countries that lay to it's West. They have a policy of constantly testing our defenses. They frequently fly planes into other countries airspace to see how quickly they will react, the cyber warfare is more of the same testing. They're seeing how we will react.

    3) They have a leader who doesn't give a damn what other countries think of them. Putin wants what is best for Russia and doesn't care if that makes people in other countries not like him. He doesn't want to be known as clean or honourable- he just wants to restore the empire. Furthermore, his background is in espionage. Being sneaky is in his blood.

    --
    "That's the way to do it" - Punch