The implications of this mean that the cyberattack could be interpreted as an act of war, according to the organization. On Wednesday, NATO secretary general Jens Stoltenberg said a cyber attack could trigger Article 5, the principal of collective defense.
“As important government systems have been targeted, then in case the operation is attributed to a state this could count as a violation of sovereignty. Consequently, this could be an internationally wrongful act, which might give the targeted states several options to respond with countermeasures,” Tomáš Minárik, researcher at NATO’s CCD COE law branch, in the press release.
NATO investigators added that the cyberattack was a “declaration of power” and a demonstration of the culprit’s ability to cause disruption.
More than 30 percent of affected firms were financials, according to analysis by Kaspersky Lab, while at least half of those targeted were industrial organizations, such as utilities, oil and gas, transportation, logistics, manufacturing and other companies.
“The nature of this malware is such that it could easily stop the operation of a production facility for a considerable amount of time”, said Kirill Kruglov, security expert at Kaspersky Lab, in a press release published Thursday.