If you have been watching the news since last week Friday then you may have heard of the WannaCry ransomware that has affected over 300,000 computers in 150 countries till date. Just yesterday it was revealed that victims may have paid about $70,000 to the attackers so far in what may be a victory for them but still a far cry from the $90m they expect to have least recovered from victims so far. But now that the worst of that storm may be over, its definitively time for the blame game but where do you start and speaking from a law enforcement point of view, the questions would then be
Who could be responsible?
Who might have such a tool to pull this off and
What might their motive be?
So let’s begin with the first one which is also broad and will continue to evolve in the days ahead but analysts think they may have narrowed it down to North Korea and maybe a few other rogue states. Now North Korea has been accused of being behind the hacking group called Lazarus which was accused of being behind attacks like the one on Sony in 2014. The group is accused of engaging in one of the biggest bank heists in the world and Russian security firm Kaspersky says the group has attacked financial institutions in Costa Rica, Ethiopia, Gabon, India, Indonesia, Iraq, Kenya, Malaysia, Nigeria, Poland, Taiwan, Thailand, and Uruguay with $81m missing from the Central Bank of Bangladesh last year alone. Now security companies like Symantec, Kaspersky and researchers at Google who have all examined the WannaCry code have seen signs pointing to Lazarus and even as they haven’t definitively confirmed this, early results show that its likely that North Korea was responsible for this.
So now we know that it could potentially be North Korea and then the second one is if they possess the tools. Well the fact that they are a state (hermit or not) with a track record makes it well known that they have such capabilities. While their neighbor South Korea saw some of their computers affected by WannaCry, North Korea is not very connected to the rest of the world’s internet and so you can understand why they might not be affected like others. But we know that they hacked Sony and financial institutions globally and so yes, they have the tools to carry this out. But why would they be interested?
The key point on why they could have done this is “Money”. You see they are under heavy international sanctions but still need to show the rest of the world that they can still fund their nuclear program. Even China isn’t happy with North Korea these days which could also mean that their main source of income could be in danger and so there’s only one way left and that’s through illegal means such as ransomware and bank heists. The other reason North Korea could have done this is to show their digital might along with their military arsenal. North Korea is never shy of showing us the weapons they have and this might just be that.
Whatever the reason, you don’t have to wait till it happens to you, update Windows today to stay safe and please stay away from links in emails and online that could infect your computer with a malware.
Paul Balo is the founder of TechBooky and a highly skilled wireless communications professional with a strong background in cloud computing, offering extensive experience in designing, implementing, and managing wireless communication systems.
To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behaviour or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.
Functional
Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
The technical storage or access that is used exclusively for statistical purposes.The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.
