Trump Administration Still Silent on This Week’s Major Malware Attack

The attack, directed largely at Ukraine, may have come from Russia.

Jaap Arriens/Zuma

Fight disinformation: Sign up for the free Mother Jones Daily newsletter and follow the news that matters.

It’s been nearly four days since a malware attack disabled computers in Ukraine, as well as elsewhere in Europe and parts of the United States, in an attack that could be the latest offensive in Russia’s ongoing conflict with Ukraine, and the administration of President Donald Trump has yet to weigh in. 

“If indeed it turns out that this is more than just a simple criminal enterprise, but reflects a state-based effort to intimidate or bully another state, in this case Ukraine on its Constitution Day, that in and of itself is really noteworthy,” says Michael Sulmeyer, project director of the Belfer Center Cyber Security Project at the Harvard Kennedy School and a former cyber policy official in the Defense Department, “because now weā€™re talking about using cyber capabilities for the exercise of state power and international security.”

A spokesman for the National Security Council did not return an email asking about the administration’s response to the situation, and White House spokeswoman Sarah Huckabee Sanders did not respond to a request for comment.

This latest malware attack occurred late Monday night and into Tuesday morning, when it became evident that an electric power supplier in Kiev, Ukraine, had been hit with what was thought to be ransomware, illicit software that encrypts a victim computer’s files or drives until a ransom is paid. Major corporations in other countries also suffered a cyberattack, including shipping behemoth Maersk, international law firm DLA Piper, and a hospital system in Pittsburgh. 

Researchers soon learned that the code making up the malwareā€”whether by design or accidentā€”prevented the locked files from being decrypted. They also learned that one of the key methods of infection was through updates to accounting software called MeDoc, which is widely used by companies based in and doing business in Ukraine, and by Ukrainians to pay their taxes. 

Those factors, along with the fact that Russia has been consistently pounding the Ukraine with attacksā€”cyber and otherwiseā€”led some researchers to believe that the attack was not just a run-of-the-mill ransomware episode, but rather a state-sponsored cyberattack. Bolstering that view is the fact that on the morning of the cyberattack, a Ukrainian military intelligence officer was murdered in a car bombing in Kiev. The attack also began just before the nation celebrated the anniversary of the ratification, in 1996, of its first constitution after independence from the Soviet Union.

“I think this was directed at us,” Roman Boyarchuk, the head of the Center for Cyber Protection in Ukraine’s State Service for Special Communications and Information Protection, told Wired magazine. “This is definitely not criminal. It is more likely state-sponsored.” As for the theory that Russia is behind the attacks, Boyarchuk told Wired that “it’s difficult to imagine anyone else would want to do this.”

It’s unclear whether Trump will address the episode or the broader issue of Russian cyber activity when he meets with Russian President Vladimir Putin at the G20 summit in Hamburg, Germany, at the end of next week. National Security Adviser H.R. McMaster told reporters Thursday that Trump has “no specific agenda” going into the summit, but that the president had tasked his staff with coming up with plans to confront “Russia’s destabilizing behavior,” including cyber threats or “political subversion” in the United States or Europe.

Sulmeyer points out that latest meeting of the United Nations Group of Governmental Experts, which was working to come to a set of international cyberspace norms, fell apart without an agreement last week.  “You start to wonder, in a situation [like this], what should be the rules of the road,” he says. “And is there any prospects for the international community to ever agree on any?”

WE'LL BE BLUNT

It is astonishingly hard keeping a newsroom afloat these days, and we need to raise $253,000 in online donations quickly, by October 7.

The short of it: Last year, we had to cut $1 million from our budget so we could have any chance of breaking even by the time our fiscal year ended in June. And despite a huge rally from so many of you leading up to the deadline, we still came up a bit short on the whole. We canā€™t let that happen again. We have no wiggle room to begin with, and now we have a hole to dig out of.

Readers also told us to just give it to you straight when we need to ask for your support, and seeing how matter-of-factly explaining our inner workings, our challenges and finances, can bring more of you in has been a real silver lining. So our online membership lead, Brian, lays it all out for you in his personal, insider account (that literally puts his skin in the game!) of how urgent things are right now.

The upshot: Being able to rally $253,000 in donations over these next few weeks is vitally important simply because it is the number that keeps us right on track, helping make sure we don't end up with a bigger gap than can be filled again, helping us avoid any significant (and knowable) cash-flow crunches for now. We used to be more nonchalant about coming up short this time of year, thinking we can make it by the time June rolls around. Not anymore.

Because the in-depth journalism on underreported beats and unique perspectives on the daily news you turn to Mother Jones for is only possible because readers fund us. Corporations and powerful people with deep pockets will never sustain the type of journalism we exist to do. The only investors who wonā€™t let independent, investigative journalism down are the people who actually care about its futureā€”you.

And we need readers to show up for us big timeā€”again.

Getting just 10 percent of the people who care enough about our work to be reading this blurb to part with a few bucks would be utterly transformative for us, and that's very much what we need to keep charging hard in this financially uncertain, high-stakes year.

If you can right now, please support the journalism you get from Mother Jones with a donation at whatever amount works for you. And please do it now, before you move on to whatever you're about to do next and think maybe you'll get to it later, because every gift matters and we really need to see a strong response if we're going to raise the $253,000 we need in less than three weeks.

payment methods

WE'LL BE BLUNT

It is astonishingly hard keeping a newsroom afloat these days, and we need to raise $253,000 in online donations quickly, by October 7.

The short of it: Last year, we had to cut $1 million from our budget so we could have any chance of breaking even by the time our fiscal year ended in June. And despite a huge rally from so many of you leading up to the deadline, we still came up a bit short on the whole. We canā€™t let that happen again. We have no wiggle room to begin with, and now we have a hole to dig out of.

Readers also told us to just give it to you straight when we need to ask for your support, and seeing how matter-of-factly explaining our inner workings, our challenges and finances, can bring more of you in has been a real silver lining. So our online membership lead, Brian, lays it all out for you in his personal, insider account (that literally puts his skin in the game!) of how urgent things are right now.

The upshot: Being able to rally $253,000 in donations over these next few weeks is vitally important simply because it is the number that keeps us right on track, helping make sure we don't end up with a bigger gap than can be filled again, helping us avoid any significant (and knowable) cash-flow crunches for now. We used to be more nonchalant about coming up short this time of year, thinking we can make it by the time June rolls around. Not anymore.

Because the in-depth journalism on underreported beats and unique perspectives on the daily news you turn to Mother Jones for is only possible because readers fund us. Corporations and powerful people with deep pockets will never sustain the type of journalism we exist to do. The only investors who wonā€™t let independent, investigative journalism down are the people who actually care about its futureā€”you.

And we need readers to show up for us big timeā€”again.

Getting just 10 percent of the people who care enough about our work to be reading this blurb to part with a few bucks would be utterly transformative for us, and that's very much what we need to keep charging hard in this financially uncertain, high-stakes year.

If you can right now, please support the journalism you get from Mother Jones with a donation at whatever amount works for you. And please do it now, before you move on to whatever you're about to do next and think maybe you'll get to it later, because every gift matters and we really need to see a strong response if we're going to raise the $253,000 we need in less than three weeks.

payment methods

We Recommend

Latest

Sign up for our free newsletter

Subscribe to the Mother Jones Daily to have our top stories delivered directly to your inbox.

Get our award-winning magazine

Save big on a full year of investigations, ideas, and insights.

Subscribe

Support our journalism

Help Mother Jones' reporters dig deep with a tax-deductible donation.

Donate