Relations between the two nations have been tense since Moscow annexed the Crimean peninsula from Ukraine in 2014."UKRAINE IN PAINAlthough the attack was global in its reach, Ukraine bore the brunt.S. Pro-Russian fighters are still battling the government in eastern Ukraine. "ATMS are working (again) but some bank operations are still limited.A cyber attack that caused indiscriminate economic damage around the world was apparently designed to create maximum havoc in Russias neighbor and adversary Ukraine, security researchers said. Computers were disabled at banks, government agencies, energy companies, supermarkets, railways and telecommunications providers.

They appear to have relied on a single email address that was blocked almost immediately and a single bitcoin account that collected the relatively puny sum of $10,000.In Ukraine, suspicion immediately fell on hackers affiliated with Vladimir Putins regime, although there is no direct, public evidence tying Russia to the attack. National Security Agencys elite cyberwarfare group, told The Associated Press in an online chat."Everything being said so far does point to Russia being a leading candidate for a suspect in this attack," said Robert M.Danish shipping giant A. It is one of just two companies in the eastern European nation that supplies required tax software, Zhora said.ACCOUNTING FOR MALWAREWilliams and other researchers said all evidence indicates that NotPetya was introduced via Ukrainian financial software provider MeDoc.

Moller-Maersk, one of the global companies hit hardest, said Thursday that most of its terminals were running again, though some are operating in a limited way or more slowly than usual.NotPetya was cleverly engineered to spread laterally within Windows networks and across the globe via private network connections."It is clear that this was targeted indiscriminately at Ukrainian businesses, and the Ukrainian government," Jake Williams, president of the security firm Rendition Infosec and a former member of the U. At Mumbais Jawaharlal Nehru Port, several hundred containers could be seen piled up at just two of more than a dozen yards. Globally, dozens of major corporations and government agencies have been disrupted, including FedEx subsidiary TNT.

Problems have been reported across the shippers global business, from Mobile, Alabama, to Mumbai in India.But researchers said the culprits would have been hard-pressed to make money off the scheme."There is still a lot of damage, especially in banks," said Victor Zhora, CEO of the Kiev cybersecurity firm InfoSafe. Such malware locks up victims files by encrypting them, then holds them hostage while demanding payment - usually in bitcoin, the hard-to-trace digital currency.Firms including Russias anti-virus Kaspersky Lab, said clues in the code indicate that the programs authors would have been incapable of decrypting the data, further evidence that the ransom demands were a smoke screen.The timing was intriguing, too."And thats just in Ukraine. Many of these organizations said they had recovered by Thursday, although some experts suspected that work was incomplete. "I expect that we will see additional fallout from this is the coming days," said Williams.P. "We are actually in a fix because of all this.

A disruptive attack on the nations voting system ahead of 2014 national elections is also attributed to Russia.Security experts believe MeDoc was the unwitting victim of something akin to a "watering-hole attack," where a malicious program surreptitiously planted at a popular destination infects parties that visit.Experts have also blamed pro-Russian hackers for major cyberattacks on the Ukrainian power grid in 2015 and 2016, China wholesale cereal container assaults that have turned the eastern European nation into the worlds leading cyberwarfare testing ground." He estimated damage in "the millions of dollars, perhaps tens of millions.While the rogue software used in the attack was configured as extortionate "ransomware," that may have just been a ruse. The attack came the same day as the assassination of a senior Ukrainian military intelligence officer and a day before a national holiday celebrating the new Ukrainian constitution signed after the breakup of the Soviet Union.

THE MOSCOW CONNECTIONThe malicious program, which is known by a variety of names, including NotPetya, initially appeared to be ransomware. MeDocs user base is heavily financial - and includes multinational corporations with offices in Ukraine.Whats most worrisome and reprehensible, said Lee, is that whoever was behind the attack was unconcerned about the indiscriminate, collateral damage it caused - much of it within Russia itself. "The ransomware component is just a smokescreen (and a bad one).". an expert who has studied the attacks on Ukraines power grid. Microsoft said the malware hit at least 64 nations, including Russia, Germany and the United States. Thats highly atypical behavior for nation-states."The vessels are coming, the ships are coming, but they are not able to take the container because all the systems are down," trading and clearing agent Rajeshree Verma said. Lee, CEO of Dragos Inc