‘CYBERATTACK SAME AS N. KOREAN HACKS’
Authorities working to prevent spread of new versions of virus
CYBERSECURITY researchers said they have found evidence to link North Korea with the WannaCry cyberattack that has infected more than 300,000 computers worldwide as global authorities scramble to prevent hackers from spreading new versions of the virus.
A researcher from South Korea’s Hauri Labs yesterday said their findings matched those of Symantec and Kaspersky Lab, who said on Monday that some code in an earlier version of the WannaCry software had appeared in programmes used by the Lazarus Group, identified by some researchers as a North Korea-run hacking operation.
“It is similar to North Korea’s backdoor malicious codes,” said Hauri Lab senior researcher Simon Choi, who has done extensive research into the North’s hacking capabilities and advises South Korean police and National Intelligence Service.
Based on the evidence that was published on Twitter by Google security researcher Neel Mehta, Symantec and Kaspersky said it was too early to tell whether the North was involved in the attacks.
The attacks, which slowed on Monday, are among the fastest-spreading extortion campaigns on record. However, damage in Asia has been limited.
Vietnam’s state media yesterday said more than 200 computers had been affected.
Taiwan Power Company said nearly 800 of its computers were affected, although they were used for administration and not involved in electricity generation.
FireEye Inc, another large cybersecurity firm, said it was investigating, but cautious about drawing a link to North Korea.
“The similarities are not unique enough to be strongly suggestive of a common operator,” FireEye researcher John Miller said.
United States and European security officials, on condition of anonymity, said it was too early to say who might be behind the attacks, but they did not rule out North Korea as a suspect. Reuters