North Korea behind WannaCry virus cyberattack
- Author: Leroy Wright Jun 17, 2017,
Jun 17, 2017, 1:52
The Sony hack came after the company announced that they are planning to release the movie "The Interview" in 2014.
USA and British investigators suggest the attack was launched by the hacking group Lazarus from within the borders of the hermit state, but admit it is not clear whether it was directed by the North Korean government itself. More recently, the group has been tied to an worldwide string of digital bank robberies that netted hundreds of millions of dollars.
While WannaCry affected over 300,000 PCs in over 150 countries, the United Kingdom national health service was one of the earliest and hardest hit.
The NCSC began an investigation and concluded their assessment in recent weeks.
The ransomware did not target Britain or the NHS specifically, and may well have been a money-making scheme that got out of control, particularly since the hackers do not appear to have retrieved any of the ransom money as yet.
Another cybersecurity expert, Adrian Nish, who leads the cyber threat intelligence team at BAE, also noticed the overlap with previous code developed by Lazarus.
A parallel USA investigation being conducted by the National Security Agency (NSA) said investigators had "moderate confidence" that the attack originated in North Korea.
The Lazarus theory was first floated by a researcher at Google who noticed that certain, unique computer code overlapped between Lazarus tools and Wanna Cry.
North Korea has repeatedly denied involvement in cyber attacks against other countries.
Pyongyang has called the alleged links "ridiculous", but officials say there is little evidence that points toward alternative suspects.
The cash was then laundered through casinos in the Philippines.
Once they realized that their activities were drawing global attention, the risks of moving the money may have been seen as too high of a risk given the relatively small amount involved, leaving them with little to show for their work.