N. Korea behind globe-spanning ‘Wannacry’ cyberattack?

Is North Korea behind the devastating globe-spanning cyberattack that has crippled countless of computer systems in recent days?

Two major software security firms, Kaspersky and Symantec, claim they have evidence linking the Wannacry ransomware attack to North Korea’s notorious Lazarus Group.

The worldwide cyber ransomware extortion attack, which started on May 12, has crippled tens of thousands of computer systems in nearly 100 countries, including South Korea.

Employees watch an electronic board to monitor possible ransomware cyberattacks at the Korea Internet and Security Agency in Seoul, Monday. / Yonhap

Both security firms claim the technical details within an early version of the ransomware are similar to those used by the North Korean hacking organization, suspected of being behind the 2015 attack on Sony Pictures and the $81 million heist from a Bangladeshi bank in 2016.

Experts at Kaspersky said there was a high probability that the North Korean group was behind the latest attack.

“We believe it’s important that other researchers around the world investigate these similarities and attempt to discover more about the origin of WannaCry,” said Kaspersky in a blog post.

Kaspersky argued that code similarities within the malicious software had been erased in later versions and that the presence of a kill switch supported claims that a state was behind the attacks.

However, both security companies fell short of confirming North Korea as the culprit behind Wannacry, saying there was no solid evidence of this, and that it was possible someone had merely borrowed the code.

Meanwhile, 10 Korean companies have so far been struck by WannaCry. Damaged enterprises include CGV and a bus schedule system in Asan.

However, experts say most local companies and institutions seem to be intact.

Source:.koreatimes.co.kr