Email
Password
Remember meForgot password?
    Log in with Twitter

article imageGlobal ransomware attack 'came from North Korea'

By Tim Sandle     Jun 16, 2017 in Internet
London - May 2017's global ransomware attack, which struck over 200,000 computer systems across 150 countries, was 'launched from North Korea' according to British security officials.
Although many parts of the world were affected by the ransomware attack in May, the malicious software infiltrated the IT systems of the English National Health Service (NHS), in a major way, bringing down systems for several hours and leading to many cancelled operations. The viral attack was a type of program called ransomware, under the specific development heading "WanaCrypt0r 2.0."
READ MORE: What you need to know about ransomware
Ransomware is a type of malware designed to block access to a computer or its data and demands money to release it. There are two types of ransomware: crypto ransomware and locker ransomware. With the former, crypto ransomware encrypts personal data and files so that they cannot be accessed unless a ransom is paid. With the latter, locker ransomware prevents the victim from using the computer system at all by locking components or all of the system.
READ MORE: Most people are ill-equipped to deal with ransomware
With the global attack the person or persons responsible have never been named. Understanding the origin is important not only for attempting to prosecute the perpetrators but also in designed better defenses. According to the BBC, the U.K.'s National Cyber Security Centre (NCSC) believe that hackers in North Korea were behind the cyber-attack. Specifically a hacking group known as Lazarus is believed to have launched the attack (the same group who targeted Sony Pictures in 2014 over the release of the North Korean focused movie The Interview).
One of the investigators helping the NCSC, Adrian Nish, who leads the cyber threat intelligence team at the global firm BAE, states he sees overlaps with previous code developed by the Lazarus group: "It seems to tie back to the same code-base and the same authors. The code-overlaps are significant."
At the same time the US Department of Homeland Security (DHS) and the FBI have issued an alter about another imminent North Korean-led cyber attack, through US-CERT, according to the website Naked Security. This news coincides with increasing tensions between Washington and Pyongyang because of North Korea's missile tests.
More about Ransomware, Cybersecurity, Security, Computers
More news from
Latest News
Top News