Published: Sat, May 20, 2017
Hi-Tech | By Grace Becker

Experts question North Korea role in WannaCry cyberattack

Cyber security researchers around the world have said they found evidence that could link North Korea with WannaCry.

In other words, this code snippet is a "fingerprint" that suggests WannaCry was developed by the Lazarus group.

Most experts noted it was still too early to determine whether North Korea was involved in the attacks that paralyzed the NHS on Friday and became one of the fastest-spreading extortion campaigns ever recorded.

"The scale of the Lazarus operations is shocking", Kaspersky's Global Research & Analysis Team notes.

Choi said that if North Korea's culpability is proven, the world should start taking their capabilities seriously and ensure consequences for such actions.

Proofpoint executive Ryan Kalember said the authors may have earned more than $1 million, far more than has been generated by the WannaCry attack.

Governments turned their attention to a possible new wave of cyber threats on Tuesday after the group that leaked USA hacking tools used to launch the global WannaCry "ransomware" attack warned it would release more malicious code.

"He said the global community must continue to speak out in one voice and act in solidarity to make North Korea stop further provocations and come back to dialogue".

"Attribution can be hard".

After days of disruptions affecting networks worldwide, a top USA official said the number of computers affected had reached 300,000, but that infection rates had slowed. And if China were to cut off North Korea's limited internet access, the hackers would still be able to do their work.

Wynne to make high-speed rail announcement Friday
For his part, former Transport Minister David Collenette concluded in a report to the province that the project was viable. CTV reports that the province, in working with Via and Metrolinx, would seek out private financing and partners.

Haley said the US and China have been working on "a unified plan" on how to approach North Korea that would include stronger implementation of existing sanctions and tougher new sanctions.

All researchers and officials quoted on the possible North Korean link point out that the evidence is not "smoking gun" conclusive. The United States accused it of being behind a cyber attack on Sony Pictures in 2014.

Like WannaCry, the program attacks via a flaw in Microsoft Corp's Windows software. "Basically they'd have to wait on Bitcoin transactions, store the hacked files and maintain contact with the targets of the attack".

The hackers appeared to have taken control of computers and servers around the world by sending a type of malicious code known as a worm to file-sharing protocols.

Second, North Korean cyber-attacks have typically been far more targeted, often with a political goal in mind.

In 2016, the North Korean government stole no less than $81 million from Bangladesh' Central Bank. The $4 billion in damage could be far more important to the perpetrators than the $70,000 or less in ransom payments collected.

One more disturbing theory to consider: the attack that swept the globe last weekend could be just a dry run for something much worse.

Along those lines, reports of even more risky WannaCry variants continue to trickle in.

Tom Bossert, President Donald Trump's top cyber and homeland security adviser, brushed aside suggestions that the attack stemmed from a flaw discovered by the US National Security Agency and later leaked.

Like this: