White House blames Russia for 'reckless' NotPetya cyber
attack
Send a link to a friend
 [February 16, 2018] By
Dustin Volz and Sarah Young
WASHINGTON/
LONDON (Reuters) - The White
House on Thursday blamed Russia for the devastating 'NotPetya' cyber
attack last year, joining the British government in condemning Moscow
for unleashing a virus that crippled parts of Ukraine's infrastructure
and damaged computers in countries across the globe.
The attack launched in June 2017 by the Russian military "spread
worldwide, causing billions of dollars in damage across Europe, Asia and
the Americas," White House Press Secretary Sarah Sanders said in a
statement.
"It was part of the Kremlin's ongoing effort to destabilize Ukraine and
demonstrates ever more clearly Russia's involvement in the ongoing
conflict," Sanders said. "This was also a reckless and indiscriminate
cyber attack that will be met with international consequences."
The strongly worded but brief statement was the first time the U.S.
government has blamed Russia for what is considered one of the worst
cyber attacks on record. Many private sector security experts had
fingered Moscow months ago.
The statement came days after leaders of U.S. intelligence agencies
again warned that Russia, and potentially other adversaries, were likely
to attempt to use cyber means to meddle in the U.S. midterm elections in
November.
Experts said the White House vow of a response needed to be met with
clear action, especially because U.S. President Donald Trump has sought
to improve relations with his Russian counterpart, Vladimir Putin, and
has at times appeared dismissive of the cyber threat posed by Russia.
The U.S. government is "reviewing a range of options," a senior White
House official said when asked what consequences Russia would face.
It was not clear what those options were, nor what was meant by
"international consequences."
Earlier on Thursday Russia denied being behind the attack, saying the
accusations were part of a "Russophobic" campaign that it said was being
waged by some Western countries.
The White House had intended to release a statement about 'NotPetya' at
the same time as London, but those plans were delayed due to a school
shooting in Florida, according to three sources familiar with the
matter.
'EMPTY PROMISE'?
The U.S. government has been quicker to blame other nations, most
notably North Korea, for destructive cyber attacks, including the
WannaCry ransomware attack in May 2017.
Some administration officials have worried that publicly blaming Russia
without imposing some cost could raise questions about why the United
States was not retaliating, said two sources familiar with the internal
debate.
Others argued that because the United States also conducts covert
cyberspace operations that could not be discussed in public, the
statement attributing blame to Moscow required no elaboration, the
sources said.
[to top of second column] |
A customer waits while a cashier writes out a purchase receipt for
store records, as many business have turned off their digital tills
after cases of cyber attacks on business, at a store in Kiev,
Ukraine, June 28, 2017. REUTERS/Gleb Garanich
In addition to covert operations, retaliation could take the form of
further sanctions on Russia or other diplomatic penalties.
Trump has resisted the conclusion of U.S. intelligence agencies that
Moscow also meddled in the 2016 U.S. presidential election. After he met
Putin in Vietnam last November, Trump said he believed the Russian
leader when he denied his government interfered in the election.
Democrats and some Republicans have criticized the Trump administration
for not imposing sanctions that were passed unanimously by Congress last
summer and were intended to punish Moscow for meddling in the 2016
election.
"With Russia, if we are promised consequences, people are going to be
looking for tangible proof" of a response, said Kenneth Geers, a
security researcher at the cyber firm Comodo and former U.S.
intelligence official who works at NATO's think tank on cyber defense.
"Otherwise it seems like a real empty promise."
The NotPetya attack started in Ukraine, where it crippled government and
business computers before spreading around Europe and the world, halting
operations at ports, factories and offices.
Britain's foreign ministry said in a statement released earlier in the
day that the attack originated from the Russian military.
"The decision to publicly attribute this incident underlines the fact
that the UK and its allies will not tolerate malicious cyber activity,"
the ministry said in a statement.
"The attack masqueraded as a criminal enterprise but its purpose was
principally to disrupt," it said.
"Primary targets were Ukrainian financial, energy and government
sectors. Its indiscriminate design caused it to spread further,
affecting other European and Russian business."
(Reporting by Dustin Volz in WASHINGTON and Sarah Young in LONDON;
Additional reporting by Katya Golubkova in MOSCOW, Andrea Shalal in
MUNICH, Teis Jensen in COPENHAGEN, and Steve Holland and John Walcott in
WASHINGTON; Editing by Mary Milliken, Bill Rigby and Daniel Wallis)
[© 2018 Thomson Reuters. All rights
reserved.] Copyright 2018 Reuters. All rights reserved. This material may not be published,
broadcast, rewritten or redistributed.
Thompson Reuters is solely responsible for this content. |
