As the dust settles on the initial round of global ransomware attacks, Russian president Vladimir Putin has said the incident has "nothing to do" with Russia, instead choosing to echo the view of Microsoft in placing partial blame for the incident with US intelligence.
Putin, speaking during a conference in Beijing this week (15 May), said malware strains created by security services "could backfire on those who developed and created them" and that the ransomware – dubbed WannaCry – failed to impact his country's critical infrastructure.
When it emerged on 13 May (Friday), the malware caused chaos on a global scale - demanding money in return for access to locked computer files.
It resulted in widespread disruption of the UK National Health Service (NHS) and – according to Europol – later spread to 200,000 victims across roughly 150 countries.
Putin, addressing the issue as tensions between the US and Russian remain high, called for cybersecurity to be discussed at a "serious political level."
He claimed Russian banks, healthcare services were not impacted by the worm but stressed the attack was still considered serious. "There is nothing good here," he said.
The Russian president referenced a Sunday (14 May) blog post from Microsoft, which said the global ransomware attacks were exploiting a vulnerability linked to the US National Security Agency (NSA). The bugs were leaked online earlier this year by a group known as 'Shadow Brokers'.
In the post, Microsoft president Brad Smith said: "Repeatedly, exploits in the hands of governments have leaked into the public domain and caused widespread damage. An equivalent scenario with conventional weapons would be the US military having some of its Tomahawk missiles stolen."
Putin agreed with the tech giant, saying that US intelligence agencies were likely responsible for the spread of the WannaCry worm, Tass reported. "The initial source of this virus is the United States security agencies, Russia's got absolutely nothing to do with it," he said.
The worm is expected to spread across more unpatched computers as the working week continues – and fresh malware strains have already started to appear up in-the-wild. Law enforcement, including Europol and the UK's new National Cyber Security Centre (NCSC), is now investigating.
Here is some simple advice from the NCSC on how to stay protected:
- Keep your organisation's security software patches up to date
- Use proper antivirus software services
- Most importantly for ransomware, back up the data that matters to you, because you can't be held to ransom for data you hold somewhere else.