Ukraine’s security service, the SBU, has blamed Russia for the recent Petya cyber attack last week. The SBU said that it had obtained data that “points to a link with an attack” on Kiev, in December, the last time this ransomware reared its head. The Ukrainians said that the lack of any real mechanism for securing financial payments, to decrypt affected files, led the SBU to believe the ransom was just a cover for an assault on the country’s businesses and the state.
Russia has responded to the allegations saying that they’re unfounded. What’s quite bizarre too is that Russian entities were badly affected by the malware too, which suggests they were also specifically targeted by the attack; this has prompted several security researchers to suggest that Russia wasn’t responsible for the cyber strike.
Earlier in the Petya saga, we reported that Posteo had blocked the email account which was to be contacted by victims to get their files decrypted. For this reason, the SBU says that the ransom was just a cover for an attack on the state. In December, 2016, the last time Petya struck, the country’s financial, transport and energy systems were affected by the cyber attack. In terms of real-world effects, there was a power cut in Kiev.
Due to the nature of cyber attacks it can be next to impossible to prove who actually perpetrated it; in recent years, Russia has gotten a lot of flak for supposedly launching attacks, however, when you can mask your location and even make your code look like it was written by Russians by leaving a string of Cyrillic, it becomes very difficult to say you know who the attackers are.