Five years before Russia launched its physical assault on Ukraine, it launched a digital assault. On June 27th, 2017, the day before a major public holiday, Ukrainians woke up to black screens everywhere. “They could not take money from ATMs, pay for gas at stations, send or receive mail, pay for a train ticket, buy groceries, get paid, or – perhaps most terrifying of all – monitor radiation levels at Chernobyl.” That’s according to Nicole Perlroth, whose book about cyber warfare won last year’s Business Book of the Year.
The cause of the disruption was a piece of software called NotPetya. Exploiting vulnerabilities in Microsoft Windows, it worked its way through the country’s computer networks, grabbing passwords as it went. It was introduced into the country via an accounting and bookkeeping package used by 80% of Ukrainian firms. From there, a routine update set it on its way. System users would be greeted with a ransom demand, but that was only a ruse – NotPetya’s motive wasn’t gre…