The White House is accusing Russia of unleashing a large cyberattack against Ukraine last year, warning there will be unspecified “international consequences.”
The Trump administration accused Russia of the NotPetya attack, which affected international businesses, hours after a similar accusation from the U.K. government Thursday.
“In June 2017, the Russian military launched the most destructive and costly cyber-attack in history,” White House press secretary Sarah Sanders said in statement.
Sanders continued: “The attack, dubbed ‘NotPetya,’ quickly spread worldwide, causing billions of dollars in damage across Europe, Asia, and the Americas. It was part of the Kremlin’s ongoing effort to destabilize Ukraine and demonstrates ever more clearly Russia’s involvement in the ongoing conflict. This was also a reckless and indiscriminate cyber-attack that will be met with international consequences.”
The statement did not specify what “consequences” Russia would face or which U.S. government entity determined Russia was responsible for the attack.
Russia’s government denied it was responsible on Thursday, after the British accusation.
“We categorically dismiss such accusations; we consider them unsubstantiated and groundless. It’s not more than a continuation of the Russophobic campaign which is not based on any evidence,” said Kremlin spokesman Dmitry Peskov.
Unlike the U.S. statement, which cited “billions of dollars” in damage, the U.K. asserted only “hundreds of millions of pounds.” The attack caused an estimated $1.2 billion in damage to companies, the BBC reported. Corporate victims included shipping firm Maersk, which predicted losses at $200 billion to $300 billion.
The British government’s attribution came from the U.K. National Cyber Security Centre and, unlike the White House, struck a conciliatory tone.
“The Kremlin has positioned Russia in direct opposition to the West: it doesn’t have to be that way,” said U.K Minister of State for Cyber Tariq Ahmad. “We call upon Russia to be the responsible member of the international community it claims to be rather then secretly trying to undermine it.”
The British statement said the computer attack prompted a ransom note, but no possibility for payment.
“The ransom note instructed victims to make payments to a single Bitcoin wallet with confirmation that they had paid. However, flaws in the payment process quickly became apparent as the ransom note did not display a ‘personal identification ID’ which would enable the attacker to know whose data to decrypt and the payment collection infrastructure was quickly taken down by the attacker’s email provider. The malware was not designed to be decrypted,” the British statement said.
The White House threat of “consequences” comes after the Trump administration decided earlier this year not to impose new sanctions targeting Russia. In January, the Trump administration said it would not impose sanctions on entities making military purchases from Russia because a law passed last year over President Trump’s objection was serving as a deterrent without actual enforcement.
