Trump Administration Still Silent on This Week’s Major Malware Attack

The attack, directed largely at Ukraine, may have come from Russia.

Jaap Arriens/Zuma

Fight disinformation: Sign up for the free Mother Jones Daily newsletter and follow the news that matters.

It’s been nearly four days since a malware attack disabled computers in Ukraine, as well as elsewhere in Europe and parts of the United States, in an attack that could be the latest offensive in Russia’s ongoing conflict with Ukraine, and the administration of President Donald Trump has yet to weigh in. 

“If indeed it turns out that this is more than just a simple criminal enterprise, but reflects a state-based effort to intimidate or bully another state, in this case Ukraine on its Constitution Day, that in and of itself is really noteworthy,” says Michael Sulmeyer, project director of the Belfer Center Cyber Security Project at the Harvard Kennedy School and a former cyber policy official in the Defense Department, “because now we’re talking about using cyber capabilities for the exercise of state power and international security.”

A spokesman for the National Security Council did not return an email asking about the administration’s response to the situation, and White House spokeswoman Sarah Huckabee Sanders did not respond to a request for comment.

This latest malware attack occurred late Monday night and into Tuesday morning, when it became evident that an electric power supplier in Kiev, Ukraine, had been hit with what was thought to be ransomware, illicit software that encrypts a victim computer’s files or drives until a ransom is paid. Major corporations in other countries also suffered a cyberattack, including shipping behemoth Maersk, international law firm DLA Piper, and a hospital system in Pittsburgh. 

Researchers soon learned that the code making up the malware—whether by design or accident—prevented the locked files from being decrypted. They also learned that one of the key methods of infection was through updates to accounting software called MeDoc, which is widely used by companies based in and doing business in Ukraine, and by Ukrainians to pay their taxes. 

Those factors, along with the fact that Russia has been consistently pounding the Ukraine with attacks—cyber and otherwise—led some researchers to believe that the attack was not just a run-of-the-mill ransomware episode, but rather a state-sponsored cyberattack. Bolstering that view is the fact that on the morning of the cyberattack, a Ukrainian military intelligence officer was murdered in a car bombing in Kiev. The attack also began just before the nation celebrated the anniversary of the ratification, in 1996, of its first constitution after independence from the Soviet Union.

“I think this was directed at us,” Roman Boyarchuk, the head of the Center for Cyber Protection in Ukraine’s State Service for Special Communications and Information Protection, told Wired magazine. “This is definitely not criminal. It is more likely state-sponsored.” As for the theory that Russia is behind the attacks, Boyarchuk told Wired that “it’s difficult to imagine anyone else would want to do this.”

It’s unclear whether Trump will address the episode or the broader issue of Russian cyber activity when he meets with Russian President Vladimir Putin at the G20 summit in Hamburg, Germany, at the end of next week. National Security Adviser H.R. McMaster told reporters Thursday that Trump has “no specific agenda” going into the summit, but that the president had tasked his staff with coming up with plans to confront “Russia’s destabilizing behavior,” including cyber threats or “political subversion” in the United States or Europe.

Sulmeyer points out that latest meeting of the United Nations Group of Governmental Experts, which was working to come to a set of international cyberspace norms, fell apart without an agreement last week.  “You start to wonder, in a situation [like this], what should be the rules of the road,” he says. “And is there any prospects for the international community to ever agree on any?”

AN IMPORTANT UPDATE

We’re falling behind our online fundraising goals and we can’t sustain coming up short on donations month after month. Perhaps you’ve heard? It is impossibly hard in the news business right now, with layoffs intensifying and fancy new startups and funding going kaput.

The crisis facing journalism and democracy isn’t going away anytime soon. And neither is Mother Jones, our readers, or our unique way of doing in-depth reporting that exists to bring about change.

Which is exactly why, despite the challenges we face, we just took a big gulp and joined forces with the Center for Investigative Reporting, a team of ace journalists who create the amazing podcast and public radio show Reveal.

If you can part with even just a few bucks, please help us pick up the pace of donations. We simply can’t afford to keep falling behind on our fundraising targets month after month.

Editor-in-Chief Clara Jeffery said it well to our team recently, and that team 100 percent includes readers like you who make it all possible: “This is a year to prove that we can pull off this merger, grow our audiences and impact, attract more funding and keep growing. More broadly, it’s a year when the very future of both journalism and democracy is on the line. We have to go for every important story, every reader/listener/viewer, and leave it all on the field. I’m very proud of all the hard work that’s gotten us to this moment, and confident that we can meet it.”

Let’s do this. If you can right now, please support Mother Jones and investigative journalism with an urgently needed donation today.

payment methods

AN IMPORTANT UPDATE

We’re falling behind our online fundraising goals and we can’t sustain coming up short on donations month after month. Perhaps you’ve heard? It is impossibly hard in the news business right now, with layoffs intensifying and fancy new startups and funding going kaput.

The crisis facing journalism and democracy isn’t going away anytime soon. And neither is Mother Jones, our readers, or our unique way of doing in-depth reporting that exists to bring about change.

Which is exactly why, despite the challenges we face, we just took a big gulp and joined forces with the Center for Investigative Reporting, a team of ace journalists who create the amazing podcast and public radio show Reveal.

If you can part with even just a few bucks, please help us pick up the pace of donations. We simply can’t afford to keep falling behind on our fundraising targets month after month.

Editor-in-Chief Clara Jeffery said it well to our team recently, and that team 100 percent includes readers like you who make it all possible: “This is a year to prove that we can pull off this merger, grow our audiences and impact, attract more funding and keep growing. More broadly, it’s a year when the very future of both journalism and democracy is on the line. We have to go for every important story, every reader/listener/viewer, and leave it all on the field. I’m very proud of all the hard work that’s gotten us to this moment, and confident that we can meet it.”

Let’s do this. If you can right now, please support Mother Jones and investigative journalism with an urgently needed donation today.

payment methods

We Recommend

Latest

Sign up for our free newsletter

Subscribe to the Mother Jones Daily to have our top stories delivered directly to your inbox.

Get our award-winning magazine

Save big on a full year of investigations, ideas, and insights.

Subscribe

Support our journalism

Help Mother Jones' reporters dig deep with a tax-deductible donation.

Donate