NATO is closely monitoring the BadRabbit ransomware that affected computer systems in Ukraine and other countries, and the alliance is in touch with industry partners to address the problem, a NATO official told The Defense Post on Thursday.
On October 24, Ukraine, the United States, Turkey, Russia and a number of other countries were hit by ransomware suspected to be a variant of the malicious software Petya that infected computer systems earlier this year.
Computers infected with the malware restrict user access, demanding a ransom to unlock systems.
Ransomware #BadRabbit spread in Russia 🇷🇺, Ukraine 🇺🇦, Turkey 🇹🇷 and Bulgary 🇧🇬 via fake Flash using #EternalBlue exploit pic.twitter.com/gzvaeLvXoM
— Lukas Stefanko (@LukasStefanko) October 24, 2017
According to media reports, the attack originated in Ukraine and struck Odessa International Airport and the metro transportation system in Kiev, the country’s capital. BadRabbit also affected Russian media outlets Interfax and Fontanka.
The software reportedly used the leaked U.S. National Security Agency exploits for Windows to spread across networks.
The NATO official said the alliance has been monitoring recent cyber attacks very closely.
“Our experts are continuously in touch with relevant national authorities to exchange information, and we are also working closely with our industry partners. Such incidents continue to underscore the priority for us all to strengthen and enhance our cyber defenses,” the official said.
In August, U.S. Cyber Command head Lt. Gen. Paul Nakasone said Ukraine was serving as a testing ground for cyber warfare, “a virtual training center.”
NATO has taken steps to beef up the country’s cyber defenses. In July, NATO Secretary-General Jens Stoltenberg announced that the bloc supplied Ukraine with “state of the art” equipment aimed at preventing damage from software like BadRabbit, which paralyzed some major IT systems.
Recently #NATO delivered state of the art #cyber defence
equipment, helping #Ukraine to improve cyber security – @jensstoltenberg 🇺🇦 pic.twitter.com/1nUdDbV5kx— Dylan P. White (@NATODepSpox) July 10, 2017
“The dangerous aspect is the fact that it [the malware] was able to infect many institutions which constitute critical infrastructure in such a short timeframe, which indicates a well-coordinated attack,” a malware researcher at ESET, Robert Lipovsky, told WIRED.
When asked about the use of NATO-supplied equipment during the incident, the alliance’s official said the bloc is “helping to strengthen Ukraine’s resilience to cyber-attacks” through a Cyber Defence Trust Fund.
“We have delivered state of the art cyber defense equipment, helping key government institutions to better investigate cyber security incidents and to protect themselves from cyber-attacks such as those we saw recently,” the official said. “For more details, please ask the Ukrainian authorities.”