Experts Believe North Korea May Be Responsible For Global Cyber Attack

Xavier Trudeau
Mai 18, 2017

Researchers have said that some of the code used in Friday's ransomware, known as WannaCry software, was almost identical to the code used by the Lazarus Group, a group of North Korean hackers who used a similar version for the devastating hack of Sony Pictures Entertainment in 2014 and the last year's hack of Bangladesh Central Bank.

Mehta, a University of British Columbia graduate who earlier worked with IBM Internet Security Systems, posted "codes" on Twitter, potentially pointing at a connection between the "WannaCrypt" ransomware attacks and the malware attributed to the infamous "Lazarus Group", responsible for a series of devastating attacks against government organisations, media and financial institutions.

Since Friday, banks, hospitals and state agencies have been among the victims of hackers exploiting vulnerabilities in older versions of Microsoft computer operating systems and demanding payment in the virtual currency Bitcoin. It encrypted users' computer files and displayed a message demanding $300 to $600 worth of the digital currency bitcoin to release them; failure to pay would leave the data scrambled and likely beyond fix.

Now experts say it's still too early to blame it on North Korea because the culprits may have just used the Lazarus malware, perhaps to make it look like a North Korean attack.

Symantec and Kaspersky Lab both said that further analysis of the code used by WannaCry is needed to pinpoint its exact origins.

"However, it's worth further investigation".

Haley also noted that the US was keeping the option of adopting sanctions against countries aiding North Korea.

North Korea on Tuesday released a detailed report on the global WannaCry ransomware attack, but kept mum about worldwide suspicions that it might have been behind the destructive hacking.

"The similarities we see between malware linked to that group and WannaCry are not unique enough to be strongly suggestive of a common operator", FireEye researcher John Miller said. "We should never underestimate it", Choi said.

US antivirus company McAfee says cyberattacks continue to hit Saudi Arabia.

But that technique is no sure bet. And even finding a real person might be no help if they're in a jurisdiction that won't cooperate. The United States accused it of being behind a cyber attack on Sony Pictures in 2014. "Right now we've uncovered a couple of what we would call weak indicators or weak links between WannaCry and this group that's been previously known as Lazarus". "It will be very satisfying for me and for all of our viewers, I think, that if we find them that we bring them to justice".

"Most of the attacks are arriving via e-mail, so there are many "landmines" waiting in people's in-boxes", said Michael Gazeley, managing director of Network Box, a Hong Kong-based cybersecurity company. South Korean companies, from automakers to retailers and cosmetics firms, have been hit in China by a nationalist backlash over Seoul's decision to deploy the system.The North's KCNA news agency said Sunday's launch tested its capability to carry a "large-size heavy nuclear warhead". Russian Federation was among the hardest, and Britain among the most high-profile, and both have "some pretty good investigative capabilities", Cattanach said.

D'autres rapports CampDesrEcrues

Discuter de cet article