U.K. cybercops bent on fifinding
Days after the global cyberattack, police in the United Kingdom are trying to fifigure out whether it was an established network of criminals, state-backed hackers or bored teenagers that crippled the country’s health service.
The malware campaign affffffffffffected more than 200,000 computers in at least 150 countries, locking users out of systems at Chinese government agencies, Deutsche Bahn, automakers Nissan Motor Co. and Renault, logistics giant FedEx Corp. and hospitals around the world. As security experts gain the upper hand in containing the infection, police have begun the hunt for its creators.
“The response is beyond anything I’ve seen before,” said Steven Wilson, the head of Europol’s EC3 cybercrime unit. “The picture is starting to emerge slowly. This could be something that is going to take us a considerable period of time.”
Finding and locking up hackers may be the toughest job in law enforcement. Criminals can use the darkweb — the subterranean layer of the internet untouched by conventional search engines — to disguise their activities, and make use of a complex online ecosystem of black market services that is global in nature. Suspects are often in Eastern Europe, Russia or other hard-to-reach jurisdictions for U.S. or European police.
The U.K. and Russia were among the worst hit, making them the likely leaders in any investigation.
“We are absolutely focused in fifinding out who the criminals behind this attack are,” said Lynne Owens, director general at the National Crime Agency, known as the U.K.’s FBI. “At this moment in time, we don’t know whether it’s a very sophisticated network or whether it’s a number of individuals working together,” Owens said in an interview posted on the agency’s website.
Unlike being hacked by c l i c k i n g o n a ma l i c i o u s email or link, the “WannaCry” virus replicated itself, spreading from computer to computer automatically and demanding that computer users pay a ransom in bitcoin, an online currency that is extremely diffificult to track.
“It takes a colossal amount of time, resource, knowle d ge , s k i l l a n d e f f o r t t o look through all the data and follow it through all the encrypted steps,” said Brian Lord, a former director at the U.K.’s signals intelligence agency, GCHQ.
Lord, now an executive at security fifirm PGI Cyber, said it takes “strategic patience” and that law enforcement agencies — with all of their competing priorities and demands — rarely had such qualities.
This time it may be difffffffffffferent, given the widespread