The CIA has concluded that Russia's GRU military spy arm waged the NotPetya data-wiping cyberattack on Ukraine in June of last year, according to a report late last week in The Washington Post.
NotPetya was deployed to appear like ransomware while meanwhile destroying data from computers in banks, energy companies, and an airport in Ukraine. The malware spread via popular accounting software used in Ukraine called MeDoc, after an update server for the application was compromised and spread the malware during an automatic update.
US intelligence officials told The Post that the CIA in November assessed "with high confidence" that the GRU was behind NotPetya. While most of the victimized machines were in Ukraine, the malware also spread to other nations including the US.
Read the full report here.