Expert finds more North Korea links in ransomware attack

2017-05-16 18:00
(iStock)

(iStock)

Multimedia   ·   User Galleries   ·   News in Pictures Send us your pictures  ·  Send us your stories

Seoul - A South Korean cyber security expert said on Tuesday there is more circumstantial evidence that North Korea may be behind the global "ransomware" attack: the way the hackers took hostage computers and servers across the world was similar to previous cyber-attacks attributed to North Korea.

Simon Choi, a director at anti-virus software company Hauri, who has analysed North Korean malware since 2008 and advises the government on cyber-attacks, said the North is no newcomer to the world of bitcoins and has been mining the digital currency using malicious computer programmes since as early as 2013.

In the current attack, hackers demand payment from victims in bitcoins to regain access to their encrypted computers.

Underestimating capabilities

In 2016, Choi accidentally spoke to a hacker traced to a North Korean internet address about development of ransomware and he alerted South Korean authorities.

If North Korea, believed to be training cyber warriors at schools, is indeed responsible for the latest attack, Choi said the world should stop underestimating its capabilities and work together to think of a new way to respond to cyber threats, such as having China pull the plug on North Korea's internet.

Choi is one of a number of researchers around the world who have suggested a possible link between the "ransomware" known as WannaCry and hackers linked to North Korea.

While Choi's speculation may deepen suspicions that the nuclear-armed state is responsible, the evidence is still far from conclusive. Authorities are working to catch the extortionists behind the global cyber-attack, searching for digital clues and following the money.

Banking systems
Researchers at Symantec and Kaspersky Lab have found similarities between WannaCry and previous attacks blamed on North Korea.

South Korea has been a frequent target of cyber-attacks that it traced to its northern neighbour. Some high-profile attacks between 2009 and 2013 shut down government websites, banking systems and paralysed broadcasters.

South Korea was mostly spared from the latest ransomware attack, partly because the constant threats have made the government and companies careful about always updating their software.


Read more on:    south korea  |  north korea  |  cyber attacks

Join the conversation!

24.com encourages commentary submitted via MyNews24. Contributions of 200 words or more will be considered for publication.

We reserve editorial discretion to decide what will be published.
Read our comments policy for guidelines on contributions.
NEXT ON NEWS24X

Inside News24

 
/News
 

8 great natural remedies for your pet

Tips and tricks to cure your pet’s itches and coughs, naturally.

 
 

Paws

Buying a puppy? Don’t get scammed!
WATCH: These funny animal videos will make you LOL!
11 animals before and after they were adopted from shelters
Competition pet grooming – creative or too extreme?
Traffic Alerts
There are new stories on the homepage. Click here to see them.
 
English
Afrikaans
isiZulu

Hello 

Create Profile

Creating your profile will enable you to submit photos and stories to get published on News24.


Please provide a username for your profile page:

This username must be unique, cannot be edited and will be used in the URL to your profile page across the entire 24.com network.

Settings

Location Settings

News24 allows you to edit the display of certain components based on a location. If you wish to personalise the page based on your preferences, please select a location for each component and click "Submit" in order for the changes to take affect.




Facebook Sign-In

Hi News addict,

Join the News24 Community to be involved in breaking the news.

Log in with Facebook to comment and personalise news, weather and listings.