The small Ukrainian tax software company that is accused of being the patient zero of a damaging global cyber epidemic is under investigation and will face charges, the head of Ukraine’s Cyber Police suggested last week.
Col. Serhiy Demydiuk, the head of Ukraine’s national Cyber police unit, said in an interview with The Associated Press that Kiev-based M.E. Doc’s employees had blown off repeated warnings about the security of their information technology infrastructure.
“They knew about it,” he told the AP at his office. “They were told many times by various anti-virus firms. … For this neglect, the people in this case will face criminal responsibility.”
Demydiuk and other officials say last month’s unusually disruptive cyberattack was mainly spread through a malicious update to M.E. Doc’s eponymous tax software program, which is widely used by accountants and businesses across Ukraine.
The malicious update, likely planted on M.E. Doc’s update server by a hacker, was then disseminated across the country before exploding into an epidemic of data-scrambling software that Ukrainian and several other multinational firms are still recovering from.
M.E. Doc has given various explanations for its role in the outbreak. It initially acknowledged having been hacked, but then deleted the statement . It then called allegations it had seeded the outbreak “clearly erroneous” but later said it was cooperating with authorities. The company has not returned messages from AP seeking comment.
Meanwhile, several companies hit by last month’s cyber attack edged toward normalcy last week.
Law firm DLA Piper said late on Sunday, July 2 that it has restored its email service and was working to bring its other networks back online. Danish shipper A.P. Moller-Maersk said Monday, July 3 it was that “getting closer to full speed” and that all but one cargo terminal was back in action. Russian companies were reportedly affected as well; Russian state-owned oil giant Rosneft said last week that it had taken the company six days to fully repair its computer systems after they were badly hit in the cyber attack.
Ukrainian authorities have blamed Russia for masterminding the outbreak, although several independent experts say it’s too early, based on what’s publicly known, to come to any firm conclusions. Ukraine has repeatedly come under fire from high-powered cyber attacks tied to Moscow.
The extent of the damage and disruption in Ukraine was still unclear early last week. Authorities have yet to release an accounting of the number of victims or guess at the cost inflicted by the malware. Demydiuk said his service was still collating figures and declined to even provide estimates.
It’s clear, though, that the economic disruption has not been negligible. Some bank employees had not been to work in days.
(Howard Amos in Moscow contributed to this report. )