North Korean hackers behind global cyberattack?

Cyber Security Experts Tackle Global Ransomware Attack

Cyber Security Experts Tackle Global Ransomware Attack

Researchers have said that some of the code used in Friday's ransomware, known as WannaCry software, was almost identical to the code used by the Lazarus Group, a group of North Korean hackers who used a similar version for the hack of Sony Pictures Entertainment in 2014 and last year's hack of Bangladesh Central Bank.

"Until the U.S. and its followers make a right choice, we will further produce sophisticated and diversified nuclear weapons and striking means and push to prepare for necessary tests", Pak said according to the North's state-run KCNA news agency.

The cyberattack that swept across the globe finally slowed down on Monday.

Simon Choi, a director at South Korean anti-virus software company Hauri Inc. who has analyzed North Korean malware, noted that the demand for victims of the WannaCry attack to pay the ransom in bitcoins is reminiscent of North Korean tactics.

Software company Symantec, maker of popular security software, published a blog post also pointing to the possible connections, writing, "While these findings do not indicate a definite link between Lazarus and WannaCry, we believe that there are sufficient connections to warrant further investigation".

The virus has mainly infiltrated systems in Europe - particularly Britain's health-care network.

In Japan, the government's Computer Emergency Response Team said as many as 2,000 computers at 600 companies were affected by the ransomware, and the government set up a new crisis management office to deal with cyberterrorism.

A South Korean police official that handles investigations into hacking and cyber breaches said he was aware of reports on the North Korean link, but said police were not investigating yet.

Walt Disney Co (DIS) Stake Lowered by Legacy Private Trust Co
Alpha One ranks coverage of publicly-traded companies on a scale of -1 to 1, with scores nearest to one being the most favorable. In other news, EVP Brent Woodford sold 2,000 shares of the firm's stock in a transaction that occurred on Tuesday, April 18th.

On Monday, Bossert sought to distance the NSA from any blame.

"As South Korea's diplomatic situation matures, North Korea should also show a more mature attitude, not a childish one, and contribute to (establishing a better) diplomatic relationship". In response, the Korea Internet and Security Agency in Seoul raised its warning level to three, or "cautious", on a scale of one to five.

On an online messenger system, Choi told Reuters, "He said he and his colleagues were running tests for ransomware attacks".

Researchers say the new versions of the worm, without this vulnerability, could eventually be released.

The vulnerability exploited by the ransomware is believed to have been first identified by the U.S. National Security Agency and later leaked online.

The "ransomware" infected computers' encrypted files, effectively making them inaccessible, and presented a window demanding $300 in Bitcoin to regain access.

So far, the attack has affected machines belonging to the United Kingdom's National Health Service, Spain's Telefónica, FedEx and others.

Russian Federation has denied it had anything to do with what Europol called the "largest ransomware attack observed in history", and President Vladimir Putin described it as payback for the U.S. intelligence services.

Latest News