Security researchers: North Korea possible source of WannaCry cyber attack

Security researchers: North Korea possible source of WannaCry cyber attack

Cybersecurity researchers on Tuesday said they have found evidence [Kapersky Lab report] that could link North Korea to the recent cyberattack that affected 300,000 computers in 150 countries over the weekend. The so-called WannaCry ransomware has lines of code that are identical to the malware used by a group of hackers called Lazarus that have been connected to North Korea in the past. Lazarus has also been linked to the hacking of Sony Pictures [official website] in 2014 and accused of stealing millions of dollars from a Bangladeshi bank in 2016. Although North Korea denied allegations that it was behind those events, Simon Choi, a senior researcher who has done extensive investigations into North Korea’s hacking programs said the WannaCry program is “similar to North Korea’s backdoor malicious codes.” WannaCry also includes software that was stolen from the US National Security Agency [official website] and illegally published online in April. The software, which targeted Microsoft Windows [official website] operating systems, encrypts data and demands ransom payments in the form of Bitcoins [organization website]. The breadth and speed of the attack was described [BBC report] by Europol [official website] as “unprecedented.”

Cyber security is a growing threat around the world. On Thursday US President Donald Trump signed an executive order [JURIST report] designed to strengthen IT and cyber security frameworks in the country by having agency heads manage security risks and modernize the IT infrastructure.The National Control Commission for the Election Campaign for the Presidential Election (CNCCEP) last week cautioned [JURIST report] media outlets against sharing information leaked from an alleged hack of a presidential candidate. in April Roman Seleznev, the son of a member of the Russian Parliament, was sentenced [JURIST report] for hacking into more than 500 US businesses, stealing then selling millions of credit card numbers. Also in April the Department of Justice (DOJ) announced [JURIST report] that it had effectively disrupted the Kelihos botnet, a network of thousands of virus ridden computers used to glean personal information and login credentials by distributing malicious software through spam email.