Microsoft says that dozens of Ukrainian government computer systems have been infected with destructive malware disguised as ransomware, that appeared to be ready to be triggered by an unknown actor.
In a post published on the company’s blog page on Saturday evening, Microsoft said that its investigators found that the affected systems “span multiple government, non-profit, and information technology organisations.”
The Microsoft investigation found no infrastructure to accept money, leading investigators to conclude that the aim had not been to generate cash but to inflict maximum damage to the Ukrainian government’s computer infrastructure.
Serhiy Demedyuk, deputy secretary of Ukraine’s national security and defence council, indicated the attack is likely to have emanated from a Belarusian cyber hacker group called UNC1151, which he believes is likely a front for Russian espionage.
“The group specialises in cyber espionage, which is associated with the Russian special services and which, for its attacks, resorts to recruiting or undercover work of its insiders in the right company,“
Demedyuk told Reuters.
The attack comes as over 100,000 thousand Russian troops remain stationed at Ukraine’s border, and following a week of tense diplomacy between Russia, the US and NATO, which apparently made no progress in reducing the likelihood of a new Russian invasion of Ukraine.
