The vicious and destructive WannaCry “ransomware”
a cyberattack that has infected more than 300,000 computers in 150 countries since Friday has been discovered to have a link to rogue state North Korea based from technical evidence gathered by cyber security researchers.
On Monday, Symantec <SYMC.O> and Kaspersky said that some code in an early version of the WannaCry software had also been seen in programs that Lazarus Group used. This is significant because researchers from many companies have established Lazarus Group as a North Korea-run hacking operation.
Kurt Baumgartner, a Kaspersky Lab researcher, said that such is the best clue they have seen so far regarding the origins of WannaCry. The firms caution, however, that it may be too early to tell whether North Korea was involved in the attacks. The continuing research, however, will be closely followed by law enforcement agencies around the world including Washington until those responsible for the attacks are identified and brought to justice. Trump’s homeland security adviser said Monday that it is possible at this point that both foreign nations and cyber criminals were the culprits behind the attacks.
U.S. and European security officials said that it was too early to conclusively say who are responsible for the attacks, but both sides are not ruling out North Korea as a suspect. Symantec and Kaspersky Lab, meanwhile, said they still need to study further the code and have sought the help of others to contribute to the analysis. Hackers, after all, do use code from other operations, so even copied lines may not offer conclusive proof just yet.
Another large security firm FireEye Inc. said it was also investigating a possible link to North Korea.
Last month, The Goldwater also reported Kaspersky released a 58-page news report that says Pyongyang is behind secret government program Lazarus to electronically steal funds from banks in 18 countries. North Korea is a prime suspect behind several major bank thefts including the controversial case last year of $81 million being stolen from Bangladesh’s central bank account in New York.
The in-depth report reveals that North Korea could be funding their nuclear arms ambitions by those bank hackings victimizing foreign countries and stealing millions from them.