![]() Microsoft warns of destructive cyberattack on Ukrainian computer networksMicrosoft warned on Saturday evening that it had detected a highly destructive form of malware in dozens of government and private computer networks in Ukraine that appeared to be waiting to be triggered by an unknown actor. In a blog post, the company said that on Thursday — around the same time that government agencies in Ukraine found their websites had been defaced — investigators who watch over Microsoft’s global networks detected the code. “These systems span multiple government, nonprofit and information technology organizations, all based in Ukraine,” Microsoft said. The code appears to have been deployed around the time that Russian diplomats, after three days of meetings with the United States and NATO over the massing of Russian troops at the Ukrainian border, declared that the talks had essentially hit a dead end. Full Analysis (Subscribers Only)Ukrainian officials blamed the defacement of their government websites on a group in Belarus, though they said they suspected Russian involvement. But early attribution of attacks is frequently wrong, and it was unclear if the defacement was related to the far more destructive code that Microsoft said it had detected. Microsoft said that it could not yet identify the group behind the intrusion, but that it did not appear to be an attacker that its investigators had seen before. The code, as described by the company’s investigators, is meant to look like ransomware — it freezes up all computer functions and data, and demands a payment in return. But there is no infrastructure to accept money, leading investigators to conclude that the goal is to inflict maximum damage, not raise cash. It is possible that the destructive software has not spread too widely and that Microsoft’s disclosure will make it harder for the attack to metastasize. But it is also possible that the attackers will now launch the malware and try to destroy as many computers and networks as possible.
|