Beware! Cyberattacks on Ukraine could spread across the world

tech.hindustantimes.com:

In cyberwarfare, the toughest question to answer definitively is “Who did it?” It’s no surprise then that Microsoft Corp. avoided the attribution on everyone else’s lips in its analysis of last week’s cyberattacks on Ukraine. That would be Russia. But several clues suggest they not only came from the Kremlin but will follow a pattern of spilling into other countries in Europe and the U.S., too. That ratchets up geopolitical tension across the world: Ukraine is currently bracing for potential military action from Moscow; Russian President Vladimir Putin has 100,000 troops at the border; and Moscow’s security talks with the U.S. and NATO have broken down.

There’s a lot of circumstantial evidence for a Russian hand in the latest cyberattacks, which affected around 70 government agencies in Ukraine, the worst in the country in four years. They resemble a devastating series that was widely attributed to Moscow, which began in 2015, continued into 2017 and swamped Ukraine’s banks, media and electric utilities with malware targeting Windows-based systems. If so, the wider world outside of Ukraine had better start taking precautions.

Microsoft’s Threat Intelligence Center on Saturday said the latest assault had a similar profile to the 2015 attacks: appearing to be ransomware, residing in file directories, and executing when a computer is switched off. The researchers at the Center say it then overwrites a critical part of a computer’s hard drive with the following ransom note:

“Your hard drive has been corrupted.

“In case you want to recover all hard drives of your organization, You should pay us $10k via bitcoin wallet 1AVNM68gj6PGPFcJuftKATa4WLnzg8fpfv and send message via tox ID