WannaCry hackers
damage caused by WannaCry, according to Thomas Brown, a former assistant U.S. attorney in New York who super vi sed a c ybercrime unit.
“The wealth of available evidence given the vast scope of the attack, as well as the fact that there will probably be very strong international cooperation in light of the huge number of affffffffffffected countries (including Russia), indicate that the investigation will be extremely robust,” he said.
The probe will likely feature a combination of hightech evidence gathering and traditional gum shoe techniques, such as interviewing suspects and confifidential sources, said Brown, a managing director at Berkeley Research Group.
An NCA spokeswoman said the agency would use its international liaison offifficers, based in 120 countries, to work with overseas forces.
Leading the NCA operation is Oliver Gower, a for- mer civil servant who speaks flfluent French and who has spend the past five years helping build a coordinated government response to cybercrime, according to his LinkedIn profifile.
“C y b e r c r i mi n a l s may believe they are anonymous but we will use all the tools at our disposal to bring them to justice,” Gower said in a statement last week.
The NCA has made progr e s s i n d i s ma n t l i n g t h e online systems that distribute viruses, and recently arrested suspected cyber money launderers. Unlike U.S. authorities, it doesn’t have a track record of extraditing overseas hackers or, in one instance, seizing them while on holiday in the Maldives. The NCA’s cyber division is probably best known for an advertising campaign trying to dissuade teenagers from breaking computer laws.
The NCA can also call on the U.K.’s new National Cyber Securit y Center, a GCHQ division created last year to be the public face of the famously secretive data collection agency.
The NCSC coordinated the immediate response to the ransonware attack, its fifirst major incident. Over the weekend, the center made contact with some of the world’s largest private cyber security companies, including Secureworks Corp. and FireEye Inc., compiling information about the ransomware and how to contain it.
“This is the NCA’s biggest challenge to date,” said Alex Mendez, joint founder of Remora, a London-based c omputer s e c ur i t y f i r m. The agenc y could potentially work together with other countries but in practice it can be hard to agree on operational actions due to the underlying political environment, he said.