Sábado, 21 Setiembre, 2019

Seoul cyber experts warn of more attacks as North Korea is blamed

Researchers say global cyber attack similar to North Korean hacksMore Researchers say global cyber attack similar to North Korean hacksMore
Eleena Tovar | 22 May, 2017, 09:11

Lazarus is associated with North Korea and has a long history of wantonly destructive behavior - most notoriously including the attack on Sony Pictures Entertainment over the movie The Interview, which was seen as insulting to North Korean dictator Kim Jong-un.

The agency said the number of affected IP addresses around the world on Tuesday was 163,745, meaning that the pace of the attack was slowing. The group is also thought to have been responsible for the Sony hack in 2014.

For example, North Korea has never admitted any involvement in the Sony Pictures hack - and while security researchers, and the USA government, have confidence in the theory, neither can rule out the possibility of a false flag.

A screenshot of the warning screen from a purported ransomware attack, as captured by a computer user in Taiwan.

According to Symantec and Kaspersky Lab, some of the code that was found in the WannaCry software was also used in some programs run by the North Korea-affiliated Lazarus Group.

"We believe it's important that other researchers around the world investigate these similarities and attempt to discover more facts about the origin of "WannaCrypt", the cyber security company added.

But experts say it's too early to blame the WannaCry attack on North Korean hackers.

A security researcher for Google appears to be the first to have noticed the link. Kaspersky said "further research can be crucial to connecting the dots".

The United States likely avoided greater harm as the attack targeted older versions of Microsoft Corp's (MSFT.O) Windows operating system, and more USA users have licensed, up-to-date, patched versions of the software, compared to other regions of the world.

The council demanded North Korea halt its tests and said it was ready to impose further sanctions.

It is widely believed that the Lazarus Group worked out of China, but on behalf of the North Koreans.

Identifying hackers behind sophisticated attacks is a notoriously hard task.

Europol elaborated on its past findings about how much hackers had managed to extort money from the victims of the cyberattack, saying some 243 payments of a total of about 63,000 dollars had been made since the start of the attack on May 12. It says private computers also were affected.

Investigators might also be able to extract some information about the attacker from a previously hidden internet address connected to WannaCry's "kill switch". The official declined to comment on intelligence-related matters.

Even if the perpetrators can be identified, bringing them to justice could be another matter.

He estimated that more than 300,000 computers were taken down around the world. Russian Federation was among the hardest hit, and Britain among the most high-profile, and both have "some pretty good investigative capabilities", Cattanach said.