Ransomware gang linked to N. Korea
WannaCry virus blamed for global disruptions
The “ransomware” attack on computers throughout the world has been linked to a gang of cybercriminals possibly tied to the North Korean government.
Analysts from security firms Symantec and Kaspersky said they were looking at clues that appeared to link the WannaCry virus to the Lazarus Group who are believed to be behind a strong of high-profile cyber crimes.
Kaspersky said there were similarities in coding between an early version of WannaCry and a February 2015 cyber attack from the Lazarus Group.
“We believe it’s important that other researchers around the world investigate these similarities and attempt to discover more facts about the origin of WannaCry,” said Kaspersky in a blog.
The security firm has previously investigated the Lazarus Group and believes it was behind the “Sony Wiper” attack — which crippled the company in 2014, the “DarkSeoul” operation — which targeted South Korean banks and media companies, and a US$81 million cyber heist of a Bangladeshi bank.
“The scale of the Lazarus operations is shocking,” said the Kaspersky blog that accused the group of running a “malware factory.”
The U.S. government later blamed North Korea for the Sony attack and there has been speculation that the Lazarus Group is a North Korean state actor.
On Monday, the WannaCry cyberattack spread to thousands of more computers as people logged in at work, disrupting business, schools, hospitals and daily life, though no new large-scale breakdowns were reported.
In Britain, whose health service was among the first high-profile targets of the attack Friday, some hospitals and doctors’ offices were still struggling to recover.