Experts claim that WannaCry ransomware has links to North Korea, and that it’s more worrying than previously thought..
The weight of the recent, huge cyber attack which took place worldwide is heavier than we originally thought and is even connected to North Korea, say cyber security experts. According to cyber bosses in the media, frightening similarities were spotted between details of the massive cyber-attack and code used by a prolific “cybergang” with links to North Korean government.
Apparently, evidence has now been found linking the Wannacry ransomware to the cybergang, known as Lazarus Group.
The cyber attack that shook the world
Early Friday morning the world was subjected to a sophisticated and frightening cyber attack, affecting the National Health Service among other organisations.
The nasty “WannaCrypt” software started in the UK and quickly spread around the world, blocking customers from their data unless they paid a ransom using Bitcoin.
It has since been uncovered that technical details within an early version of the WannaCry code are similar to code used in a 2015 backdoor created by the government-linked North Korean hackers.
Lazarus Group has also been known to use and target Bitcoin in its hacking operations. The similarities were first spotted by Google security researcher Neal Mehta and echoed by other researchers including Matthieu Suiche from UAE-based Comae Technologies.
The hack took down important computers across the world and might even be responsible for deaths in affected hospitals. So far it has infected more than 300,000 machines in 150 countries worldwide.
The hackers behind the attack demanded cash in order to unlock the computers.
Simon Choi, a director at anti-virus software company Hauri Inc claimed that North Korea is “no newcomer” in the world of Bitcoin and it has been mining Bitcoin using malicious computer programs as early as 2013.
Cyber Attack Motive
Some private sector cyber security experts said they were not sure if the motive of the attack was primarily to make money, noting that most large ransomware and other types of cyber extortion campaigns pull in millions of dollars of revenue.
According to Czech security firm Avast, the countries most affected by WannaCry to date are Russia, Taiwan, Ukraine and India.
How to Protect Against Ransomware Attacks
Jason Tanz, the site director at “Wired,” told ABC News: “Individuals are particularly easy to prey on because most of them are not being extremely up-to-date with their software. They’re not necessarily paying attention to all the security updates, and therefore they’re more likely to be vulnerable.”
He added: “if you’re the victim of a ransomware attack you’ll open your computer and instead of your normal files you’ll see a pop-up appear that says, ‘Surprise, we’ve taken control of your computer and if you want access to your files you need to pay us.'”
“The next thing is to make sure you’re backing up your files every day, and that means on a hard drive that is not connected to the internet,” Tanz added. “Ransomware is only effective if you don’t have record of the files they’re holding for ransom.”