The strange story of the virus Petya

This virus was initially similar to ransomware requiring you to pay in electronic currency bitcoin a certain amount in order to decrypt the infected system. However, very quickly the experts and analysts began to suspect that this is not just an attack for the purpose of extortion, as those people — whoever they were — that it was, in fact, a large amount of money is not received. Moreover, the impression was that this virus was deliberately used against state institutions that can hardly be considered lucrative targets for this kind of criminal demands. The true purpose of the whole operation was completely different.

I was also interested in implemented then an outright cyber attack on the email system of the United Kingdom Parliament. As a precaution, I asked my followers on Twitter to contact me via SMS, not email. It was about the message on Twitter, which became the basis for dozens of headlines.

Petya virus began to spread in just a few days. On this basis, the experts initially talked about the fact that we are dealing with a prototype of a state-sponsored attack on Ukraine with the help of unwanted program which is one of the tools in the Arsenal of the Russian government used to conduct hybrid war. However, the main victim of this hacker attack in Russia was the company Rosneft, headed by Igor Sechin, who is known for his close ties with Russian intelligence services. It seemed unlikely that the implementation of such an attack on Ukraine will be selected as the target of such an important and related to the Kremlin as the company “Rosneft”.

New allegations in the Russian press, apparently based on leaked information, boil down to the fact that the virus Petya, in fact, was used for the large-scale and deliberate attacks on the computer systems of the companies “Rosneft” and “Bashneft” for the purpose of destruction of critical data for legal action against the Russian company “Sistema” and its owner Russian billionaire Vladimir Yevtushenkov. After Rosneft taken against it, the attack switched to the backup server, and thus she managed to avoid any serious consequences. Now, however, the accusatory finger about malicious programs Petya directed toward the “System” Yevtushenkov.

According to this theory, the collateral damage in Ukraine and in other countries is not accidental; it was supposed to be part of a deliberate operation, the purpose of which was to disguise and hide the true intentions. Launching a cyber attack from Ukraine, its sponsors came from the fact that the Ukrainian investigators are unlikely to share the results of their work with Russian investigators since Ukraine suspicious of Russian authorities and does not trust them.

One Russian journalist investigating the cyber attack, said that “no other explanation”. He uses an alias as he fears reprisals. “I believe that this attack was aimed directly against Rosneft,” he says.

In support of its version of the journalist cites the fact that this cyber attack began on the day when the Arbitration court of Bashkiria has held its first hearings on the suit of Rosneft against “the System”. It wasn’t a coincidence.

On June 23 the decision of the court the assets of the “System” in the amount of $ 3 billion was frozen as an interim measure. We are talking about the actions of the clinics MEDSI, Bashkir distributive electric networks, and mobile operator MTS, equivalent to about half of the capital Yevtushenkov.

All the disciples of Sherlock Holmes from the number of lovers know that to determine the motive for the crime need first of all to establish who gets the financial benefit.

In the framework of litigation between Rosneft and the “System” we are talking about $ 2.8 billion, and Rosneft believes that “the System” illegally withdrew the funds from Bashneft, when she owned. Required by Rosneft damages will lead to the bankruptcy of “the System”, if it loses in court. The critical situation requires desperate measures, and what could be better for the “System” of benefits in court, rather than the destruction presented evidence of the plaintiff?

This journalist gives another argument in support of his theory. It is that “System” is the largest telecommunications holding in Russia, which employs highly qualified specialists in the field of it. They know how to handle viruses, hacker attacks and how to organize such an operation. Who else from the former Soviet Union could develop such a powerful attack? The last missing piece in this puzzle is that, according to the findings of computer analysts, one of the sources of the first hacker attack was the Ukrainian accounting program M.E.Doc that began to send the questionable upgrade this software.

M.E.Doc is the name of the product developed by the company “Intellect-Service”. One of the largest customers of the company “Intelligence Service” in this region is Vodafone, the operator, is owned by Russian MTS Group. Is a key asset in “the System”, that is the company Vladimir Yevtushenkov.

Maybe we will not be able to identify those responsible for hacking attacks, to understand their real motive and bring them to justice. However, it is clear that the most important conclusions to be made concerning European and international cybersecurity.

Chris Rennard — former chief of staff of the British liberal Democrats.

Comments

comments