The New York Times reports: The day started like most for Roman N. Klimenko, an accountant in Kiev who had just settled in at his desk, typing at a computer keyboard and drinking coffee. He was unaware that concealed within his tax preparation software lurked a ticking bomb.

That bomb soon exploded, destroying his financial data and quickly spreading through computer systems vital to Ukraine’s government — and beyond. The cyberattack, on Tuesday, was caused by a virus similar to one that wreaked global havoc less than two months ago.

Both had the appearance of hacker blackmail assaults known as ransomware attacks: screens of infected computers warn users their data will be destroyed unless ransoms are paid.

But in Ukraine’s case, a more sinister motive — paralysis of the country’s vital computer systems — may have been at work, cybersecurity experts said on Wednesday. And many Ukrainians cast their suspicions on Russia.

Cybersecurity experts based their reasoning partly on having identified the group of Ukrainian users who were initially and improbably targeted: tax accountants. [Continue reading…]