Second cyberattack foiled after police raid

KIEV (AP):

Ukrainian authorities have avoided a second cyberattack, the country's interior minister said yesterday, an announcement that suggests the effort to wreak electronic havoc across the country is ongoing.

Ukraine is still trying to find its feet after scores or even hundreds of businesses and government agencies were hit by an explosion of data-scrambling software on June 27. In a Facebook post, Interior Minister Arsen Avakov said there was a second stage to that attack, timed to hit its peak at 4 p.m. in Ukraine on July 4.

Avakov said the second strike like the first one originated from servers at the Ukrainian tax software company M.E. Doc, which sheds a little more light on Tuesday's heavily armed raid on M.E. Doc's office and the seizure of its servers.

The firm acknowledged yesterday that it had been broken into and used by hackers to seed an epidemic of malware an admission that came after a week of increasingly implausible denials.

It's not clear what the thrust or scope of the second cyberattack in Ukraine was, but M.E. Doc is widely used across Ukraine, making it a tempting springboard for hackers. An executive at the company behind the software was quoted by Interfax-Ukraine as saying it was installed on one million machines across the country.

How many of those machines have been infected is an open question.

The June 27 attack initially seemed to be a particularly aggressive form of ransomware, but many analysts who picked it apart later said it appeared to be a thinly disguised attempt to destroy data and sow chaos. Some said the malware epidemic was likely state-backed, and Ukrainian officials have squarely put the blame on the Kremlin.

Russian officials routinely deny such claims.