British and American security officials believe the WannaCry cyber attack which crippled the NHS was launched from North Korea in a bid to raise money for the secretive nation.
Cyber warfare is proving a growing concern with attacks linked to countries such as Russia and North Korea increasing in pace and effect. Earlier this week, it emerged Obama issued a ‘red phone’ warning to the Kremlin over allegations of Russian meddling in the US elections.
Analysts believe an operational error has made the transactions easy to track
A hack which targeted Sony Pictures was traced to North Korean hacking group ‘Lazarus’ after the attack locked employees out their computers and leaked personal information and unreleased films to the web.
Lazarus is expected to be the culprit behind the most recent cyber attack which spread the WannaCry ransomware using a Windows XP exploit known and hoarded by US intelligence’s National Security Agency (NSA) for use in their operations before it was leaked.
The ransomware spread globally but it was the UK’s health service that was impacted the most with some critical systems taken offline and many others disrupted causing serious delays and cancellations to appointments and surgeries.
WannaCry demanded a bounty of $300 per infected PC and threatened it would double to $600 if the ransom was not paid within three days. The hackers are expected to have raised $140,000 and the amount had to be paid in Bitcoin, which may have proven to be the hackers undoing.
It was the UK’s health service that was impacted the most with some critical systems taken offline
Analysts believe an operational error has made the transactions easy to track, including by law enforcement. Therefore, no online currency exchange will touch it. Jake Williams, Founder of Rendition Infosec, a cybersecurity firm, has likened it to “like knowingly taking tainted bills from a bank robbery”.
Britain’s National Cyber Security Centre (NCSC) led the international investigation and made the conclusion about North Korea’s involvement in recent weeks. The NSA, meanwhile, has further narrowed it with “moderate confidence” to North Korea’s spy agency, the Reconnaissance General Bureau.
Due to North Korea’s secrecy, the details surrounding leadership and who ordered the attack is unclear. Experts believe the attack was not expected to spread as fast as it did and therefore attract so much attention from the international community.
What are your thoughts about the WannaCry cyber attack revelations? Let us know in the comments.