The global ransomware attack known as Wannacry or Wannacrypt has an uncertain history. Some believe it was Russian in nature, due to Russian hackers’ taste for the tactic and the unusually clean and precise Russian. But evidence has been mounting that North Korea either started the attack or was heavily involved.
The New York Times is reporting that much of the code and tools used for Wannacry are similar to those used by North Korea’s state-sponsored Lazarus Group, with similarities to code used to attack Sony Pictures in 2014, for example. While this isn’t a smoking gun, as cybercriminals and state-sponsored groups steal and rework each other’s code, it’s strong evidence North Korea is involved somehow. It also doesn’t indicate the attack was state-sponsored, although it’d raise some eyebrows that a group that has done the bidding of the state before would go rogue like this.
We may never know who issued the attack in the end. But one thing we do know is that whatever their goal might have been, financially, it’s been a failure. As of Monday, the attack has only made, despite striking 200,000 computers, about $100,000. So, if nothing else, as you patch your system, take solace that even the hackers are annoyed.
(via The New York Times)