UK Accuses Russia Of Massive Cyberattack on Global Supply Chains

Feb 19 2018, 4:35 AM3 min read

Maersk, TNT and other global companies that suffered nearly a billion dollars in collective damages were not the intended targets of a Russia-launched cyberattack. How, then, were they infected?

wk1003mike/Shutterstock.com

“The UK government judges that the Russian government, specifically the Russian military, was responsible for the destructive NotPetya cyberattack. Its reckless release disrupted organisations across Europe costing hundreds of millions of pounds. “We call upon Russia to be the responsible member of the international community it claims to be, rather then secretly trying to undermine it.”

This statement was part of the UK Government’s unusual step last week of publicly accusing the Russian military of being behind a cyberattack. The White House also called out Russia, issuing the following statement: “In June 2017, the Russian military launched the most destructive and costly cyberattack in history. This was also a reckless and indiscriminate cyberattack that will be met with international consequences.”

Experts believe that Russian hackers launched 2,000 “NotPetya” attacks in the early hours of June 27 last year. NotPetya was designed to masquerade as ransomware, but was soon revealed to be wiper malware with the purpose of destroying computer systems, erasing data and disrupting business operations.

Global firms were collateral damage

One of the consequences of living in a connected world is increased vulnerability to indiscriminate cyberattacks, even for organisations that are not the hackers’ intended victims.

NotPetya’s primary target was a shipping company in Ukraine, which has been locked in conflict with Russian-backed separatists since 2014. However, the virus-like nature of the cyberattack meant that businesses with strong trade links with Ukraine, including parts of FedEx, Danish shipping giant Maersk, UK manufacturer Reckit Benckister, and Dutch delivery firm TNT were also affected. Pharmaceutical firm Merck & Co and FedEx reported permanent damage to the systems, while a West Virginia health system had to replace its entire network after being attacked.

Russian officials have responded that the claims are “groundless” and that Russian businesses were among those whose systems were affected.

Read more: Wall Street Journal

In other news this week:

Unilever Publishes Palm Oil Supplier Data

In a move to boost transparency, consumer goods giant Unilever has published the location of over 1,400 mills and over 300 direct suppliers of palm oil.
The palm oil industry is under increasing pressure from consumers after revelations of deforestation and human rights abuses in Indonesia and other countries.
A spokesperson from Unilever said the company hoped that sharing the information would be the start of a new industry-wide movement towards supply chain transparency.