According to Oleksii Yasinsky of the Kiev cybersecurity firm ISSP, Ukraine has become a "training ground" for suspected Russian hackers to "hone technologies, mastery and attack techniques" for bigger targets.
The head of the United Kingdom national cyber security centre said in November that Russian hackers had already tried to attack British energy, telecom and media companies. Prime Minister Theresa May reprimanded Russia for cyber interference, a warning echoed by Foreign Secretary Boris Johnson during a visit to Moscow last week. Russia denied it, but Yasinsky is convinced another onslaught is coming.
"It will be a quiet attack," he said. "Whoever controls cyberspace will control the world."
The June incident was the latest in a series of attacks in Ukraine. Two days before Christmas 2015, hackers cut power to 225,000 people there. On December 17, 2016, a power cut in Kiev plunged the capital into darkness. The attacks were attributed to a hacker group called "Sandworm", believed by some to be linked to the group that allegedly interfered in the United States elections.
Although Russian state oil giant Rosneft claimed to have been targeted, it said it avoided serious consequences. After demonstrations brought a pro-Western Government to power in 2014, Russia drew international reproach by annexing Crimea and backing separatists in eastern Ukraine.
But it also allegedly began a surreptitious incursion into Ukrainian cyberspace, stealing secrets and causing mayhem.
Initially, the June incident was said to be a ransomware attack, in which hackers encrypt files and hold them hostage for a fee. This proved to be a red herring. This new "NotPetya", as it was dubbed, targeted state actors and was not able to take ransom payments or restore the data it destroyed, leading ISSP and others to argue that it was state-sponsored wiper malware masquerading as ransomware.
The assassination by car bomb of a military intelligence colonel the same day in Kiev seemed to further link it to Russia's "hybrid war" against Ukraine.
Customers were unable to buy food as supermarket checkout systems crashed. Cashpoints failed, operations at hospitals in Ukraine ground to a halt and a system to locate and request rare medicines stopped working. The national mail carrier, Ukrposhta, could not accept or deliver parcels for days.
Victims have been loath to report their losses, but Maersk, the Danish shipping container company, put the cost at US$300 million ($422.6m). The damage could have been worse if it had not been a holiday weekend, according to Ihor Smilyansky, Ukrposhta's director.
"They picked that time just to send a message: 'We can do it. If we want, we can paralyse everything'," he said.
The intended recipients were in Brussels, London and Washington, said John Hultquist, head of intelligence analysis at FireEye.
"They're demonstrating capabilities to make the West pause," he said.
"I don't think Russia is going to keep this bottled up in Ukraine."
So Russia will walk away?
Dmytro Shymkiv said: "No. Everyone who says they would is naive."
- Telegraph Group Ltd
