Possible N Korea link suspected in WannaCry attack
Security researchers on Monday reported signs of a potential North Korea link to the cyberattack campaign that sparked havoc in computer systems worldwide and opened fresh political rifts between Russia and the United States.
A top US official said the number of computers affected had reached 300,000, but that infection rates had slowed.
In the first clues of the origin of the ransomware attacks, Google researcher Neel Mehta posted computer code that showed similarities between the WannaCry malware and a hacking effort attributed to Pyongyang.
Other experts quickly jumped on this as a sign — although inconclusive — that North Korea may have been responsible.
“We believe this might hold the key to solve some of the mysteries around this attack,” said researchers at the Russian-based Kaspersky.
Israeli-based Intezer Labs said it agreed with the North Korea attribution. Putin earlier pointed the finger at the US. “A genie let out of a bottle of this kind, especially created by secret services, can then cause damage to its authors and creators,” he had said.
The cyber attack blocks computers and puts up images on victims’ screens demanding payment of $300 in the virtual currency Bitcoin.
Bossert said that paying the ransom provided no guarantee files would be unlocked.
He told a news conference that “it appears that less than $70,000 has been paid in ransoms and we are not aware of payments that have led to any data recovery.”
The attack is unique, according to Europol, because once one machine is infected, the entire internal network is scanned and other vulnerable machines are infected.
Although the economic fallout is still unknown, the political fallout “will be significant” according to the Eurasia consultancy.
In addition to Russia, China and India have blamed the US government for developing the original code.