KIEV: Ukrainian Interior Minister Arsen Avakov says that authorities have avoided a second cyberattack. The announcement suggests that the effort to wreak electronic havoc across Ukraine is ongoing. Ukraine is still trying to find its feet after scores or even hundreds of businesses and government agencies were hit by an explosion of data-scrambling software on June 27.
Avakov said in a statement posted to his Facebook page that what he described as the second stage of that malware attack had been timed to hit its peak at 4 p.m. Ukraine time on Tuesday. Avakov said that, like the first attack, Tuesday’s originated from the Ukrainian tax firm ME Doc. Yesterday’s announcement adds clarity to Cyberpolice’s midnight announcement that they had raided M.E. Doc and seized the company’s servers.
Ukraine’s national cybercrime unit seized servers belonging to a small company at the center of a global outbreak of malicious software after “new activity” was detected there, the service said in a statement early yesterday. The announcement raised the possibility that the hackers behind last week’s wide-ranging cyberattack were still seeking to sow chaos.
Tax software firm M.E. Doc was raided to “immediately stop the uncontrolled proliferation” of malware. In a series of messages, Cyberpolice spokeswoman Yulia Kvitko suggested that M.E. Doc had sent or was preparing to send a new update and added that swift action had prevented any further damage. “Our experts stopped (it) on time,” she said. It wasn’t immediately clear how or why hackers might still have access to M.E. Doc’s servers.
The company has been the focus of intense attention from authorities and cybersecurity researchers since it was identified as the patient zero of the outbreak, which crippled computers at several multinational firms and knocked out cash machines, gas stations and bank branches in Ukraine. The company has not returned messages from The Associated Press, but in several statements posted to Facebook it disputed allegations that its poor security helped seed the malware epidemic.
Cyberpolice chief Col Serhiy Demydiuk previously told AP that ME Doc’s owners would be brought to justice, but Kvitko said there had been no arrests. Adding to the intrigue, the bitcoin wallet linked to the hackers who masterminded the outbreak was emptied around the same time as the police announcement. Kaspersky Lab researcher Aleks Gostev said on Twitter that some of the digital currency had been sent to text storage sites, hinting at the prospect of some kind of a forthcoming statement. Meanwhile, Ukrainian officials were just beginning to count the costs of the outbreak. Infrastructure Minister Volodymyr Omelyan told AP his department had incurred “millions” in costs, with hundreds of workstations and two of its six servers knocked out. Ukrainian officials have yet to put a dollar amount on the total damage or even estimate its scope. – Agencies