North Korean links to cyber attack mooted
THE European police agency said yesterday it was still too early to determine who was behind a massive cyber attack which has caused global computer chaos, as researchers reported signs of a possible North Korean link.
“We are open to investigate in all directions, but we don’t speculate and we cannot confirm this. It’s still too early to say anything,” Europol senior spokesman Jan Op Gen Oorth said.
“We are working on it. The investigation is ongoing. It could come from everywhere, it could come from any country.”
Security researchers investigating the massive cyber attack campaign yesterday reported signs of a possible North Korean link, with one expert warning there could be more to come.
In the first clues of the origin of the massive ransomware attacks, Google researcher Neel Mehta posted computer code that showed similarities between the “WannaCry” malware and a vast hacking effort widely attributed to Pyongyang.
However, in signs the attack was slowing, Europol said the number of affected IP addresses around the world was 163 745 -- a 38% fall from the 226 000 reported on Sunday.
The attack blocks computers and puts up images on victims’ screens demanding payment of ß275 (R4 000) in the virtual currency Bitcoin, saying: “Ooops, your files have been encrypted!”
Europol, the cross-border policing agency which is based in The Hague, said some 243 payments of a total of about ß57 000 (R827 000) had been made since the attack was launched late on Friday.
Dutch cyber spy chief Rob Bertholee, meanwhile, refused to be drawn on the identity of the attackers. The Netherlands had already fingered Pyongyang as a possible threat to its national digital systems, he said at a top cyber security conference being held in The Hague.
“Every state actor could be an actor in cyber space. But we are specifically worried about a limited number of state actors.
“In our list of favourite state actors you can find Russia, you can find China, you can find Iran. And I think we might have a very capable adversary in North Korea as well.”
He also warned that with the world’s infrastructure heavily interconnected there were increasing vulnerabilities.
“We might be closer to a serious act of digital sabotage than a lot of people can imagine.”