The hackers behind a global cyberattack in June that primarily hit Ukraine government agencies, businesses, banks, and utilities weren’t only out to watch the world burn, new research has found.
Earlier this week, cybersecurity researchers detected movement around the bitcoin wallet that hackers designated for ransom payment during the June 28 attack, which used a variation of the Petya ransomware. Motherboard reported that about $10,000 has been withdrawn from the wallet and the unknown hacker group has offered to unlock the encrypted files.
The software used for the attack was originally pegged as a ransomware attack, which holds hostage victims’ files and restricts computer access until payment is made. Due to a lack of response after some ransom payments were made following the attack, however, researchers presumed the hackers weren’t financially motivated, and were intending to keep files regardless of whether payment was made.
The hackers are also believed to have posted an announcement requesting more than $250,000 worth of bitcoin in exchange for the decryption key that would release the documents seized in what is now being referred to as the NotPetya attack. However, it’s not clear whether the hackers behind the announcement and the cyberattack are the same.
Cybersecurity researcher Matt Suiche with Comae Technologies told Motherboard that switching the motive behind the attack is a tactic to confuse journalists and the public at large. “This is a fear, uncertainty and doubt case” and “a clear attempt from the attackers to try to further confuse the audience, by changing the wiper narrative into a ransomware one again,” he said.
Ransomware attacks have become increasingly common, typically because they’re associated with low risk and high rewards. The NotPetya ransomware attack is the second attack in as many months that has affected computer systems worldwide. Hackers in May’s WannaCry attack collected $100,000 worth of bitcoin.
The rise in these attacks makes cybersecurity a chief international concern, but few countries are prepared to tackle it. According to a recent United Nations study, the U.S. ranks second in terms of its preparedness for cybercrime. Singapore bested the global superpower for the top spot, Reuters reported. The study evaluated and scored countries’ on their legal, technical, educational, research, and organizational frameworks as well as their ability to share information.
“Cybersecurity is an ecosystem where laws, organizations, skills, cooperation and technical implementation need to be in harmony to be most effective,” the report’s authors wrote.
“The degree of interconnectivity of networks implies that anything and everything can be exposed, and everything from national critical infrastructure to our basic human rights can be compromised.”