Vladimir Yevtushenkov, the head of IT company Sistema, is likely to be responsible for global cyberattack. Computer virus known as Petya struck the world on June 27. It appears that money was not something that the hackers were running after. Most likely, the purpose of the campaign was to hide criminal traces on certain computers.
Petya virus is known since 2016. Petya is not a ransomware, but a program that destroys data on infected computers. However, a better name for the program would rather be Petrovich – this is the middle name of the head of Russia’s largest IT company Sistema, Vladimir Petrovich Yevtushenkov.
The news about the global cyberattack first appeared on June 27 in the afternoon. Russia and Ukraine suffered most in the attack. In Russia, Petya infected computer systems of Russia’s major oil giants – Rosneft and Bashneft. Unlike WannaCry, Petya did not make its authors rich: the hackers could reportedly make only $8,000 as a result of the attack.
A few hours after the attack, authoritative US-based Fortune Magazine wrote with reference to its IT specialists that the source of the cyberattack was located in Ukraine. The attack, the publication wrote, was launched by Intellect-Service, a Ukrainian company best known for its MeDoc accounting software. It is worthy of note that the clientele of Intellect-Service includes one of the largest mobile operators in Ukraine – Vodafone.
Vodafone is widely known as a UK-based and one of the world’s largest international mobile operator. Interestingly, however, until the fall of 2015, the company that currently offers its services to Ukrainian people under the name of Vodafone used to be called MTS Ukraine. MTS Group of Russia owned 100 percent of MTS Ukraine shares to disguise its business presence in the country. Furthermore, MTS, one of Russia’s largest mobile telecommunications operators, is a central asset of Sistema – a corporation that belongs to businessman Vladimir Yevtushenkov.
The cyberattack with the use of Petya virus was launched at the time when the Court of Arbitration of Bashkiria started hearing Rosneft’s lawsuit against Sistema. Was it a coincidence? This is not likely, because Russia’s largest oil producer, Rosneft, seeks a compensation worth 170 billion roubles from Vladimir Yevtushenkov’s Sistema Corporation for the losses that oil company Bashneft incurred when the latter was owned by Sistema. As plaintiffs claim, Sistema used Bashneft as a milk-cow, even though Mr. Yevtushenkov knew that the state would sooner or later take back the illegally appropriated property. Predictably, Mr. Yevtushenkov claimed that the business of Bashneft was absolutely healthy and refused to compensate Rosneft for anything.
The court eventually arrested Sistema’s assets worth 185 billion roubles on June 23. The arrested assets included 100 percent of shares of Mesdi clinics, 90.47 percent of shares of Bashkir Electric Grid Company and 31.76 percent of shares of MTS mobile operator.
Since the beginning of the court process, Mr. Yevtushenkov lost $1.5 billion of his fortune, Forbes Magazine wrote. And he knows that this is only a start. Should the court uphold Rosneft’s lawsuit against Sistema, the move will strike a final blow on Vladimir Yevtushenkov’s empire that he created during the 1990s.
It stands the reason that the businessman remains in a state of shock. Apparently, he was ready to go to the limit to save both his face and his fortune. Shortly before the cyberattack, the Arbitration Court of Bashkiria received a petition saying that oil company Rosneft had withdrawn its claim against IT company Sistema, because the two organisations had reached an amicable agreement, the document, signed by two vice presidents of Rosneft said. Subsequently, it was established that it was a counterfeit document, but it remains unclear who sent it to the court.
Official spokesperson for oil company Rosneft, Mikhail Leontiev, stated soon after the virus attack that the purpose of the cybercrime was to “kill” computers of Bashneft. The computer s, he added, contained a great deal of information about Bashneft’s operations during the time when it was controlled by previous owners. Indeed, it was Sistema that maintained the computer system of Bashneft. The locks were changed, so to speak, but there are people who know very well how to break any locks.
In all fairness, such important documents can hardly be stored in open access. Let’s assume that someone had the intention to cause huge losses to Rosneft, but failed, because the company switched to an alternative computer system. About 30 minutes after the cyberattack, it was said that Rosneft oil rigs stopped working, and the production output of the company dropped by one-third. Fortunately, it was untrue and vital systems of the company were not affected. But who was responsible for such rumors?
As it was mentioned above, Ukraine was said to be the source of the virus. The attack crashed the servers of the Kiev Metro, disrupted the work of Kiev’s Borispol Airport and caused damage to a number of banks. Predictably, Ukrainian officials accused Russia of the mess. If Russia accuses Ukraine of something, Ukraine traditionally says: “It’s not us, it’s them,” pointing a finger at Russia. So it’s good cover story. But in reality is there anyone else from the former Soviet Union, but Mr. Yevtushenkov, the head of the leading IT company, who could carry out such a powerful attack?