Trump Administration Still Silent on This Week’s Major Malware Attack

The attack, directed largely at Ukraine, may have come from Russia.

Jaap Arriens/Zuma

For indispensable reporting on the coronavirus crisis, the election, and more, subscribe to the Mother Jones Daily newsletter.

It’s been nearly four days since a malware attack disabled computers in Ukraine, as well as elsewhere in Europe and parts of the United States, in an attack that could be the latest offensive in Russia’s ongoing conflict with Ukraine, and the administration of President Donald Trump has yet to weigh in. 

“If indeed it turns out that this is more than just a simple criminal enterprise, but reflects a state-based effort to intimidate or bully another state, in this case Ukraine on its Constitution Day, that in and of itself is really noteworthy,” says Michael Sulmeyer, project director of the Belfer Center Cyber Security Project at the Harvard Kennedy School and a former cyber policy official in the Defense Department, “because now we’re talking about using cyber capabilities for the exercise of state power and international security.”

A spokesman for the National Security Council did not return an email asking about the administration’s response to the situation, and White House spokeswoman Sarah Huckabee Sanders did not respond to a request for comment.

This latest malware attack occurred late Monday night and into Tuesday morning, when it became evident that an electric power supplier in Kiev, Ukraine, had been hit with what was thought to be ransomware, illicit software that encrypts a victim computer’s files or drives until a ransom is paid. Major corporations in other countries also suffered a cyberattack, including shipping behemoth Maersk, international law firm DLA Piper, and a hospital system in Pittsburgh. 

Researchers soon learned that the code making up the malware—whether by design or accident—prevented the locked files from being decrypted. They also learned that one of the key methods of infection was through updates to accounting software called MeDoc, which is widely used by companies based in and doing business in Ukraine, and by Ukrainians to pay their taxes. 

Those factors, along with the fact that Russia has been consistently pounding the Ukraine with attacks—cyber and otherwise—led some researchers to believe that the attack was not just a run-of-the-mill ransomware episode, but rather a state-sponsored cyberattack. Bolstering that view is the fact that on the morning of the cyberattack, a Ukrainian military intelligence officer was murdered in a car bombing in Kiev. The attack also began just before the nation celebrated the anniversary of the ratification, in 1996, of its first constitution after independence from the Soviet Union.

“I think this was directed at us,” Roman Boyarchuk, the head of the Center for Cyber Protection in Ukraine’s State Service for Special Communications and Information Protection, told Wired magazine. “This is definitely not criminal. It is more likely state-sponsored.” As for the theory that Russia is behind the attacks, Boyarchuk told Wired that “it’s difficult to imagine anyone else would want to do this.”

It’s unclear whether Trump will address the episode or the broader issue of Russian cyber activity when he meets with Russian President Vladimir Putin at the G20 summit in Hamburg, Germany, at the end of next week. National Security Adviser H.R. McMaster told reporters Thursday that Trump has “no specific agenda” going into the summit, but that the president had tasked his staff with coming up with plans to confront “Russia’s destabilizing behavior,” including cyber threats or “political subversion” in the United States or Europe.

Sulmeyer points out that latest meeting of the United Nations Group of Governmental Experts, which was working to come to a set of international cyberspace norms, fell apart without an agreement last week.  “You start to wonder, in a situation [like this], what should be the rules of the road,” he says. “And is there any prospects for the international community to ever agree on any?”

SIX TRUTHS

Reclaiming power from those who abuse it often starts with telling the truth. And in "This Is How Authoritarians Get Defeated," MoJo's Monika Bauerlein unpacks six truths to remember during the homestretch of an election where democracy, truth, and decency are on the line.

Truth #1: The chaos is the point.

Truth #2: Team Reality is bigger than it seems.

Truth #3: Facebook owns this.

Truth #4: When we go to work, we're in the fight.

Truth #5: It's about minority rule.

Truth #6: The only thing that can save us is…us.

Please take a moment to see how all these truths add up, because what happens in the weeks and months ahead will reverberate for at least a generation and we better be prepared.

And if you think journalism like Mother Jones'—that calls it like it is, that will never acquiesce to power, that looks where others don't—can help guide us through this historic, high-stakes moment, and you're able to right now, please help us reach our $350,000 goal by October 31 with a donation today. It's all hands on deck for democracy.

payment methods

SIX TRUTHS

Reclaiming power from those who abuse it often starts with telling the truth. And in "This Is How Authoritarians Get Defeated," MoJo's Monika Bauerlein unpacks six truths to remember during the homestretch of an election where democracy, truth, and decency are on the line.

Truth #1: The chaos is the point.

Truth #2: Team Reality is bigger than it seems.

Truth #3: Facebook owns this.

Truth #4: When we go to work, we're in the fight.

Truth #5: It's about minority rule.

Truth #6: The only thing that can save us is…us.

Please take a moment to see how all these truths add up, because what happens in the weeks and months ahead will reverberate for at least a generation and we better be prepared.

And if you think journalism like Mother Jones'—that calls it like it is, that will never acquiesce to power, that looks where others don't—can help guide us through this historic, high-stakes moment, and you're able to right now, please help us reach our $350,000 goal by October 31 with a donation today. It's all hands on deck for democracy.

payment methods

We Recommend

Latest

Sign up for our free newsletter

Subscribe to the Mother Jones Daily to have our top stories delivered directly to your inbox.

Get our award-winning magazine

Save big on a full year of investigations, ideas, and insights.

Subscribe

Support our journalism

Help Mother Jones' reporters dig deep with a tax-deductible donation.

Donate