Suspicion: Massive cyber attack caused by North Korea

Cyber Security Researchers have found links of recent Cyberattack which affected more than 300,000 computers all around the world with North Korea. Researchers have said some of the code used in Friday's ransomware, WannaCry, was almost identical to the code used by the Lazarus Group, a group of North Korean hackers who used a similar version for the hack of Sony Pictures Entertainment in 2014 and last year's hack of Bangladesh Central Bank.

The paper introduced cases in detail, including the attack on the interior ministry, banks and public agencies in Russian Federation; on information networks, banks and energy-related companies in Spain and Portugal; and on auto factories in France, Slovenia and Romania. It encrypted users' computer files and displayed a message demanding $300 to $600 worth of the digital currency bitcoin to release them; failure to pay would leave the data scrambled and likely beyond fix.

With cyber security experts suspecting a North Korean hacker group behind the massive ransomware attack that created havoc in almost 150 countries since the last weekend, Britain's National Crime Agency (NCA) on Tuesday claimed there was no immediate indication of a second surge of such attack.

Meanwhile, the 22-year old computer expert who discovered the WannaCry's hidden kill switch says he does not think of himself as a hero and was just "doing my bit to stop botnets".

How is the group linked to North Korea?

The cybersecurity firm also said there was little doubt that the February 2017 code, referred by Mehta in his post, "was compiled by the same people, or by people with access to the same source code" as the latest spree of ransomware attacks.

Other experts quickly jumped on this as a sign - although an inconclusive one - that North Korea may have been behind the outbreak.

"The global community, shocked by the unprecedentedly destructive cyberattack, is calling for strengthened efforts to fend off crimes exploiting the Internet", the daily said. It is the same group that wrecked havoc by hacking Sony Pictures in 2014 and the Bangladesh Bank in 2016.

Microsoft President and Chief Legal Officer Brad Smith said earlier this week the WannaCry attack used elements stolen from the NSA.

"The similarities we see between malware linked to that group and WannaCry are not unique enough to be strongly suggestive of a common operator", FireEye researcher John Miller said.

"In this case, there is a fragment of the technology that was associated with Lazarus", Clark said.

The WannaCry attack made headlines on Friday after locking computers in the U.K.'s health system and Spain's largest telecom.

"We raised the alert on Sunday in preparation for an attack against the military network by hostile forces on the strength of the spread of ransomware", he added.

  • Carolyn Briggs