Experts question North Korea role in WannaCry cyberattack

Robyn Ryan
May 20, 2017

Experts are questioning whether North Korea was behind the WannaCry cyberattack attack, saying it doesn't fit the pattern of previous hacks blamed on Pyongyang.

Investigators said they had detected code similar to that used by a shadowy cybercrime network implicated in the Sony attack, the Lazarus Group, though they stressed that more investigation was necessary.

Two law enforcement officials say US investigators suspect North Korea may be behind the global "ransomware" attack.

Researchers at United States -based security firm Symantec also found possible links between Lazarus and WannaCry.

He estimated that more than 300,000 computers were taken down around the world.

WannaCry also includes software that was stolen from the US National Security Agency [official website] and illegally published online in April. They pointed to how easy it was to stop and how little money it has collected so far - a little over $50,000, a relatively paltry amount for an attack so large.

A researcher from South Korea's Hauri Labs said its findings matched those of Symantec and Kaspersky Lab, which said on Monday that some code in an earlier version of WannaCry software had appeared in programs used by the Lazarus Group, identified by some as a North Korea-run hacking operation.

"Intezer Labs confirms the #WannaCry was initiated by North Korea".

In China, foreign ministry spokeswoman Hua Chunying said she had no information to share, when asked about the origin of the attack and whether North Korea might be connected.

North Korea has denied being behind the Sony and banking attacks.

More than 200,000 computers were crippled worldwide, the paper said, citing the European Police Office.

After the series of unprecedented cyber-attacks on more than 400,000 systems and users in as many as 150 countries in the world on May 12, the experts have stepped in to find out the culprits behind this massive scale cyber-attacks occurred in human history. Taiwan Power Co. said that nearly 800 of its computers were affected, although these were used for administration, not for systems involved in electricity generation.

Other reports by VideoGamingPros

Discuss This Article