There is a direct link between the North Korean government and the creation of a destructive computer worm. The worm has infiltrated over 300,000 computers in about 150 countries in just the past month, says US intelligence.
An assessment was issued internally and was not made public. The internal assessment was based on an analysis of the techniques and tactics used, and it shows that North Korea’s spy agency, the Reconnaissance General Bureau (RGB), targeted the worm attack. Someone who read the report stated that it pointed to North Korea with moderate confidence. It also states that cyber actors were sponsored by the spy agency and created two versions of the worm.
The worm was purportedly built around a hacking tool that was posted online by a group called the Shadow Brokers. This anonymous group was trying to use the worm to raise money for themselves. The efforts were flawed. They did raise about $140,000 in Bitcoin but have yet to cash in the digital currency. This could be because the operational error has made it easy for law enforcement to track them.
The assessment is not yet conclusive, but the majority of the evidence points to a North Korean hacking group out of Pyongyang. The RGB has used a wide range of IP addresses in China. This assessment is in line with reports generated by other spy agencies throughout the West. It is believed that the WannaCry hackers also go by the name of the Lazarus Group, a name used by private-sector investigators. One agency reports that a prototype of the WannaCry ransomware was discovered in the spring in a non-Western bank. This information became one of the building blocks of the North Korea assessment.
The link shows that while the latest US political leaders have tried to stop North Korea’s aggression, the country has yet to be discouraged. It still launched the most wide-ranging cyberattack ever. North Korea is an isolated country without much technical infrastructure. It has still managed to deploy these attacks and aggravate its main rival, South Korea.
It has also succeeded in generating revenue to continue with these games. In the past year, security personnel have found that North Korea was the main culprit behind the cyberattack heist on Asian banks. One attack in Bangladesh yielded more than $81 million. It was done by manipulating the global payment messaging system.
Sony Pictures Entertainment was hacked by North Korea in 2014. During this attack, the leaders demanded that the studio pull a film from distribution because it poked fun at the country’s leader. The cyber attackers were able to disable the corporation’s computers. What appalled President Obama was the fact that more damage would be done if Sony Pictures Entertainment did not pull the movie, even though doing so would be a clear violation of its freedom of speech rights. The blame was put on the Pyongyang group, and new sanctions were placed on them.