North Korea suspected to be behind the Ransomware attack
After a cyber attack which left access to many computers across the world to ransom, security firm Symantec has now said that it is likely that a hacking group affiliated with the state of North Korea could be behind the ‘Ransomware’ attack. The attack left more than 300,000 computers belonging to auto companies, firms, hospitals and individuals almost paralysed, as they were asked to pay a ransom to be able to access their machines.
It has been reported that some individuals did even pay the ransom, which was accepted through bitcoins, in order to be able to access their computers. However, almost all data had been wiped out by that time. Researchers at Symantec said that they found instances of code which was found in previous attacks linked to the North Korean hacking group. In addition, the same Internet connection was used to install an early version of WannaCry on two computers and to communicate with a tool that destroyed files at Sony Pictures Entertainment. Apparently, the US government and private companies have accused North Korea in the 2014 Sony Attack.
However, North Korea has denied playing any such role and has called the accusation “a dirty and despicable smear campaign.” Lazarus is the name many security companies have given to the hacking group behind the Sony attack and others. By custom, Symantec does not attribute cyber campaigns directly to governments, but its researchers did not dispute the common belief that Lazarus works for North Korea.
”Flaws in the WannaCry code, its wide spread, and its demands for payment in the electronic bitcoin before files are decrypted suggest that the hackers were not working for North Korean government objectives in this case,” said Vikram Thakur, Symantec’s security response technical director. He added, “Our confidence is very high that this is the work of people associated with the Lazarus Group because they had to have source code access. We don’t think that this is an operation run by a nation-state,” Thakur said in an interview.
With WannaCry, Thakur said, Lazarus Group members could have been moonlighting to make extra money, or they could have left government service, or they could have been contractors without direct obligations to serve only the government.