Published: Thu, May 18, 2017
Hi-Tech | By Grace Becker

NK daily releases detailed report on global WannaCry attack

NK daily releases detailed report on global WannaCry attack

US Ambassador Nikki Haley said the United States was working with China, Pyongyang's main ally, on a new sanctions resolution and warned that all countries must step up action against North Korea or face measures themselves. The 393-foot ship with twin domes housing 24-foot antennas is owned by the U.S. Department of Transportation's Maritime Administration and used in support of U.S. Missile Defense Agency missions.

Researchers have said some of the code used in Friday's ransomware, WannaCry, was almost identical to the code used by the Lazarus Group, a group of North Korean hackers who used a similar version for the hack of Sony Pictures Entertainment in 2014 and last year's hack of Bangladesh Central Bank.

After Mehta highlighted the elements in the code, other researchers confirmed similarities that early versions of WannaCry - also called WannaCrypt, Wana Decryptor or WCry - shared with malware tools used by Lazarus.

Isolated, nuclear-armed North Korea is known to operate an army of thousands of hackers operating in both the North, and apparently China, and has been blamed for a number of major cyberattacks. The malware has scrambled data at hospitals, factories, government agencies, banks and other businesses since Friday, but an expected second-wave outbreak largely failed to materialize after the weekend, in part because security researchers had already defanged it.

Researchers at US -based security firm Symantec also found possible links between Lazarus and WannaCry.

After days of disruptions affecting networks worldwide, a top United States official said the number of computers affected had reached 300,000, but that infection rates had slowed.

WannaCry borrows code from attacks orchestrated by the Lazarus Group, a shadowy hacker collective believed to be responsible for the Sony Pictures Entertainment hack in 2014, the Bangladesh central bank hack in 2016 and the Polish bank hacks in February. Some outside analysts believe the Hwasong-12 missile, if proven in further tests, could help North Korea achieve its goal of developing missiles with nuclear warheads capable of reaching the US mainland.

FireEye Inc, another large cyber security firm, said it was also investigating but cautious about drawing a link to North Korea.

New French Prime Minister Described himself as a Man of the Right
Annick Girardin, who was the Minister for Public Services under Hollande, is now the Overseas Territories Minister. President Emmanuel Macron might have announced his new balanced government but it's far from set in stone.

For one thing, said IBM Security's Caleb Barlow, researchers are still unsure exactly how the malware spread in the first place.

"We have underestimated North Korea so far that since North Korea is poor, it wouldn't have any technologies".

Despite the push for a tougher stance, Haley held out the prospect of direct talks with North Korea, saying "we are willing to talk but not until we see a total stop of the nuclear process and of any test there".

"In this case, there is a fragment of the technology that was associated with Lazarus", Clark said.

The Lazarus hackers carefully routed their signal through France, South Korea and Taiwan to setup their attack server, according to Kaspersky.

Forensics, though, will only get investigators so far.

Even if the perpetrators can be identified, bringing them to justice could be another matter.

Like this: