Symatec Believes North Korea Involved With Cyber Attack
Symantec Corp’s cyber security believe it was “highly likely” that a hacking group associated with North Korea was behind the massive WannaCry attack that affected over 300,000 computer worldwide.
The event disrupted computers within hospitals, schools, and banks, among others. The researchers found code within the system associated with North Korea-linked groups and the same Internet connection was used in earlier WannaCry systems.
The U.S. government also accused North Korea of the 2014 Sony attack.
Many Reference Points (and Flaws) Refer To North Korea
Yahoo News reports:
“North Korea has routinely denied any such role. On Monday, it called earlier reports that it might have been behind the WannaCry attack “a dirty and despicable smear campaign.” Lazarus is the name many security companies have given to the hacking group behind the Sony attack and others. By custom, Symantec does not attribute cyber campaigns directly to governments, but its researchers did not dispute the common belief that Lazarus works for North Korea.”
“In a blog post, Symantec listed numerous links between Lazarus and software the group had left behind after launching an earlier, less virulent, version of the malware in February. One was a variant of software used to wipe disks during the Sony Pictures attack, while another tool used the same internet addresses as two other pieces of malware linked to Lazarus.”
WannaCry’s Flaws In System Point To North Korea
There were also various flaws within the WannaCry software that make cyber companies believe the North Koreans were involved. Plus, the electronic Bitcoin demands suggest hackers were private and not government based.
The most effective version of this software preyed on Microsoft’s Windows program, which is often used by U.S. National Security Agencies. Various other cyber security companies also believe North Korea to be the source. Among the various demands, Disney’s new Pirates film was held for ransom.