A Ukrainian government official estimates that as many as one in 10 personal computers at companies and government offices across the country may have been compromised in the cyberattack that erupted on June 27.
Dmytro Shymkiv, the deputy head of Ukraine’s presidential administration and a former director of Microsoft Ukraine, told The Associated Press that the figure was a “guesstimate” based on publicly available data, his previous work in the technology industry and what he’d heard from corporate and government sources. He added that the figure did not include line of business computers such as cash machines.
“Ten percent of PC install base (in gov. and commerce segment) in Ukraine were compromised, half of which become bricks,” he wrote in an email, adding that the assessment was both approximate and personal. “Some critical infrastructure organizations were also impacted, but primarily businesses.”
Nine days after the malicious software, sometimes called a worm, was seeded across Ukrainian companies and government agencies by a weakly secured tax software firm, officials have yet to provide a comprehensive assessment of what happened.
However, an outline of the worm’s furious spread is beginning to emerge. On Wednesday, the firm behind the rogue tax software told reporters that its program had been present on 1 million machines. The same day, National Bank of Ukraine official Anton Kudin told a workshop that a third of the nation’s banks had been affected, according to a summary of his remarks posted online. Earlier this week, Ukraine’s Infrastructure Minister Volodymyr Omelyan told the AP that damage at his department alone ran into the millions of dollars.
Cybersecurity expert Victor Zhora, who is helping several clients affected by the attack, on Thursday called Shymkiv’s figure “rather realistic,” adding that he alone was aware of infections on between 2,500 to 3,000 devices.
Companies around the world that were likewise affected by the attack, including the world’s biggest shipper and Russia’s main oil producer, are also tallying the harm done.
On Thursday, British consumer goods company Reckitt Benckiser warned that the cyberattack, which disrupted its ability to both manufacture and distribute products, would hurt its overall earnings. It lowered its forecast for full-year net revenue growth to 2 percent, from 3 percent previously.
“Some of our factories are currently still not operating normally, but plans are in place to return to full operation,” the company said in a statement to shareholders.
Ukraine blames Russia for the attack, an allegation President Vladimir Putin’s spokesman Dmitry Peskov on Thursday dismissed as “absurd.”