NORTH KOREAN GROUP WOULD BE MOST LIKELY FOR RECENT RANSOMWARE ATTACKS
On Monday the cyber security company Symantecstated that is was highly likely that a North Korean affiliated hacking group was responsible for the WannaCry cyber attack that occurred this past month and infected over 300,000 computers all over the world and disrupted schools, banks and hospitals worldwide.
Symantec researchers report that they found multiple occurrences of code that were used in both earlier WannaCry versions and previous activity that has been linked to the North Korean group and now highly recommend users install Norton antivirus and update any existing version of its software
The name Lazarus has been given by security companies to the group that was behind the Sony hacking attack as well as others. Earlier Symantec had said that they dont attribute cyber campaigns to governments directly, however its researchers dint dispute the widely held belief that the group Lazarus works for the North Korean government.
In the meantime Vikram Thakur, who is the security response technical director for Symantec, stated in an interview that the flaws within the WannaCry code, its broad reach and demand for payment in electronic bitcoin in order to decrypt the damaged files, all suggest that the hackers werent working for the government of North Korea.
What Is WannaCry?
For the uninitiated,WannaCry is ransomwarethat has infected hundreds of thousands of computers all over the world. Most reports suggest that Britains public system has been hit very badly, and reportedly entire wards haveclosed and staff from the National Health Servicehas been sent home.An automated system was used by the WannaCry version that has spread like wildfire andwreaked havoc was based on EternalBlue, which is a hacking tool that the Shadow Brokers hacking group was able to steal from the U.S. National Security Agency.
The theory that the reason for WannaCry to be deployed was to cause chaos worldwide and prove that Lazarus and North Korea by extension was capable of deploying a serious crippling attack has been dismissed by Symantec researchers.The very same command-and-control server was used by the WannaCry attacks that were used in the hacking of Sony Pictures Entertainment by North Korea in 2014, which wiped out almost half of the corporations servers and personal computers.In addition, the researchers state that the same tools were used in earlier Lazarus attacks on media companies and banks in 2013 in South Korea, were used in this WannaCry ransomeware episode as well.The tools have evolved, however they are what researchers refer to as variants of those same tools that were utilized in other attacks. Full Story Is Here