North Korea link emerges in global cyberattacks

channelnewsasia

 
Several British hospitals say they are having major computer problems. Hospitals in London, northwest England and other parts of the country reported problems on May 12, 2017, with their computer systems as a result of an apparent cyberattack. (PA via AP)

After days of disruptions affecting networks worldwide, a top US official said the number of computers affected had reached 300,000, but that infection rates had slowed.

In the first clues of the origin of the massive ransomware attacks, Google researcher Neel Mehta posted computer code that showed similarities between the “WannaCry” malware and a vast hacking effort widely attributed to Pyongyang.

Other experts quickly jumped on this as a sign – although an inconclusive one – that North Korea may have been behind the outbreak.

“We believe this might hold the key to solve some of the mysteries around this attack,” said researchers at the Russian-based security firm Kaspersky, adding that further research was needed.

Israeli-based security firm Intezer Labs said it agreed with the North Korea attribution.

The group’s chief executive Itai Tevet said in a tweet: “@IntezerLabs confirms attribution to North Korea for #WannaCry, not only because of the function from Lazarus. More info to come.”

US, RUSSIA TRADE JABS

Tom Bossert, President Donald Trump’s top cyber and homeland security adviser, brushed aside suggestions that the United States was to blame for the attack, which stemmed from a flaw discovered by the US National Security Agency and later leaked.

“This was not a tool developed by the NSA to hold ransom data,” he said, noting that no US government systems had been hit. “This is a global attack,” he added.

Russian President Vladimir Putin earlier had pointed the finger at the United States.

“A genie let out of a bottle of this kind, especially created by secret services, can then cause damage to its authors and creators,” the Russian leader said on the sidelines of a summit in Beijing.

Russia has recently been accused of cyber meddling in several countries, but Putin said they had nothing to do with the attack.

Over the weekend, Microsoft’s president and chief legal officer Brad Smith said attacks highlighted the dangers from the NSA’s “stockpiling” of secret hacking tools.

There had been concern that Monday’s start of the working week would see an upsurge in attacks.

But the cross-border police agency Europol said the situation was “stable” after attacks that struck computers in British hospital wards, European car factories and Russian banks.

“The number of victims appears not to have gone up,” a senior spokesman for Europol, Jan Op Gen Oorth, told AFP.

But according to Michel Van Den Berghe, director of telecom group Orange’s cyber security arm, a “second wave” is to be expected.

TELECOMS AND CARMAKING HIT

US package delivery giant FedEx, Spanish telecoms giant Telefonica and Germany’s Deutsche Bahn rail network were among those hit. The attackers demanded money to unblock their computers.

In China, “hundreds of thousands” of computers were affected, including gas stations, cash machines and universities, according to Qihoo 360, one of the country’s largest providers of antivirus software.

Russia said its banking and railway systems were targeted.

A fifth of regional hospital associations in Britain’s National Health Service were affected and several still had to cancel appointments on Monday.

French car manufacturer Renault shut its Douai plant – one of its biggest sites, employing 5,500 people – as systems were upgraded.

The attack blocks computers and puts up images on victims’ screens demanding payment of US$300 (€275) in the virtual currency Bitcoin, saying: “Ooops, your files have been encrypted!”

Bossert said that paying the ransom provided no guarantee files would be unlocked.

He told a news conference that “it appears that less than US$70,000 has been paid in ransoms and we are not aware of payments that have led to any data recovery.”

Bitcoin, the world’s most-used virtual currency, allows anonymous transactions via heavily encrypted codes.

Experts and governments alike warn against ceding to the demands and few victims so far had been paying up.

A hacking group called Shadow Brokers released the malware in April, claiming to have discovered the flaw from the NSA.

The attack is unique, according to Europol, because it combines ransomware with a worm function, meaning once one machine is infected, the entire internal network is scanned and other vulnerable machines are infected.

Although the economic fallout is still unknown, the political fallout “will be significant” according to the Eurasia consultancy.

In addition to Russia, China and India have blamed the US government for developing the original code.

Source: AFP/de

Advertisements
This entry was posted in North Korea and tagged by Trần Đình Hoành. Bookmark the permalink.

About Trần Đình Hoành

I am an attorney in the Washington DC area, with a Doctor of Law in the US, attended the master program at the National School of Administration of Việt Nam, and graduated from Sài Gòn University Law School. I aso studied philosophy at the School of Letters in Sài Gòn. I have worked as an anti-trust attorney for Federal Trade Commission and a litigator for a fortune-100 telecom company in Washington DC. I have taught law courses for legal professionals in Việt Nam and still counsel VN government agencies on legal matters. I have founded and managed businesses for me and my family, both law and non-law. I have published many articles on national newspapers and radio stations in Việt Nam. In 1989 I was one of the founding members of US-VN Trade Council, working to re-establish US-VN relationship. Since the early 90's, I have established and managed VNFORUM and VNBIZ forum on VN-related matters; these forums are the subject of a PhD thesis by Dr. Caroline Valverde at UC-Berkeley and her book Transnationalizing Viet Nam. I translate poetry and my translation of "A Request at Đồng Lộc Cemetery" is now engraved on a stone memorial at Đồng Lộc National Shrine in VN. I study and teach the Bible and Buddhism. In 2009 I founded and still manage dotchuoinon.com on positive thinking and two other blogs on Buddhism. In 2015 a group of friends and I founded website CVD - Conversations on Vietnam Development (cvdvn.net). I study the art of leadership with many friends who are religious, business and government leaders from many countries. In October 2011 Phu Nu Publishing House in Hanoi published my book "Positive Thinking to Change Your Life", in Vietnamese (TƯ DUY TÍCH CỰC Thay Đổi Cuộc Sống). In December 2013 Phu Nu Publishing House published my book "10 Core Values for Success". I practice Jiu Jitsu and Tai Chi for health, and play guitar as a hobby, usually accompanying my wife Trần Lê Túy Phượng, aka singer Linh Phượng.

Trả lời

Mời bạn điền thông tin vào ô dưới đây hoặc kích vào một biểu tượng để đăng nhập:

WordPress.com Logo

Bạn đang bình luận bằng tài khoản WordPress.com Log Out / Thay đổi )

Twitter picture

Bạn đang bình luận bằng tài khoản Twitter Log Out / Thay đổi )

Facebook photo

Bạn đang bình luận bằng tài khoản Facebook Log Out / Thay đổi )

Google+ photo

Bạn đang bình luận bằng tài khoản Google+ Log Out / Thay đổi )

Connecting to %s