"The day began like most others for Roman Klymenko, an accountant from Kiev who just settled himself at the table, typing on a computer keyboard and sipping coffee. He was unaware that his ticketing software contained a ticking bomb, "says Andrew Kramer, a reporter for The New York Times. "This bomb soon exploded, destroying its financial calculations and quickly spreading through computer systems vital to the government of Ukraine and beyond".

As the author explains, the attack on Tuesday was caused by a virus similar to that that produced devastation in the world less than two months ago. "Both viruses looked like hacker attacks aimed at blackmail, known as attacks of a virus-extortioner: screens of infected computers warn users that their data will be destroyed if they do not pay the ransom". But in the case of Ukraine, there could be a more ominous motive - the paralysis of the country's vital computer systems, the correspondent reports citing a statement on Wednesday by experts on cybersecurity. "And many Ukrainians suspect Russia," reads the article.

"The argument of experts on cybersecurity is based in part on the identification of a group of Ukrainian users who initially, incredibly, were attacked: tax-book accountants," writes Kramer. - All of them are legally obliged to use for the preparation of tax declarations a program developed by the Ukrainian company, M. Doc. This software, running on computers running the Microsoft Windows operating system, was recently updated ". On Wednesday, Microsoft published a statement that it "now has evidence that few cases of active infection with the extortion virus originally began with the legitimate process of updating M. Doc ".

"Experts on cybersecurity said: whoever launched the attack on the eve of the holiday celebrating the independence of Ukraine, he should have known that the software M. Doc, integrated into Ukrainian government computers, was for them the opportunity to get inside, "- reads further. "There is no reason to attack the day before the Constitution Day," Craig Williams, a senior technical researcher at Talos, a division of Cisco, an American technology company, who helped determine the source of the attack.

Bryan Lord, a former deputy director for intelligence and computer operations at the UK Government Communications Center (the British equivalent of the NSA), said: "It's not about money". According to the expert, "this attack is aimed at disabling what ensures the functioning of large companies and the government," the journalist reports..

"While it is necessary to establish the source of the virus," the author. "But the main suspect is Russia, because it was involved in an open and secret war with Ukraine since the revolution of 2014, which overthrew the pro-Kremlin government. The Russian role has yet to be proved, and, perhaps, it will never happen. Nevertheless, analysts said on Wednesday that if the aim of the attackers was to wreak havoc at the highest levels in Ukraine, M. Doc provided the ideal way.

This software is not only widely installed in government agencies and banks - it is mandatory for many Ukrainian enterprises and government agencies ".

"If you look at Ukrainian cyberspace, M. Doc is an excellent carrier for the virus, "Ivan Lozovy, director of the Institute of Statehood and Democracy (Kiev), said in a telephone interview.. This software is used by large and small businesses and can transmit the virus to government computers where businesses must file tax returns. "Russians are interested in Ukraine having as many problems as possible", - concluded Lozovy.