Worldwide

Expert finds more possible North Korea links to cyberattack

Expert finds more possible North Korea links to cyberattack

London/Washington-As the world struggles to identify the cybercriminals behind the global ransowmware attack that hit 150 countries over the weekend, Neel Mehta, an Indian-origin security researcher working with Google, has claimed on Twitter that the hackers may have links to North Korea.

Security experts are examining a potential link in the computer code behind the global attack with earlier ones that could suggest North Korea was responsible.

"However, the analysis of the February sample and comparison to WannaCry samples used in recent attacks shows that the code which points at the Lazarus group was removed from the WannaCry malware used in the attacks started last Friday".

Neel Mehta has published a code which a Russian security firm has termed as the "most significant clue to date", BBC reported on Tuesday.

"We believe it's important that other researchers around the world investigate these similarities and attempt to discover more facts about the origin of "WannaCrypt", the cyber security company added.

Comae Technologies founder and security researcher Matt Suiche, meanwhile, said that there is "no doubt" that the code is shared between the two programs.

Attributing cyberattacks can be notoriously hard - often relying on consensus rather than confirmation, the report said.

There are possibilities that skilled hackers might have simply made the hack look like it had origins in North Korea by using similar techniques.

Kaspersky Lab said: "The similarity of course could be a false flag operation".

Lazarus Group has been known to utilize and target Bitcoin in their hacking operations.

"There's a lot of ifs in there". There have been reports the Lazarus group is affiliated with Bureau 121.

In addition to past alleged cyber attacks, North Korea had also been accused of counterfeiting $100 bills which were known as "superdollars" or "supernotes" because the fakes were almost flawless. While some Korean companies and individuals have been reportedly affected the government has said its computers have not.

The U.S. government blamed North Korea for the hack on Sony Pictures Entertainment that leaked damaging personal information after Pyongyang threatened "merciless countermeasures" if the studio released a dark comedy movie that portrayed the assassination of Kim Jong Un.

Second, North Korean cyber-attacks have typically been far more targeted, often with a political goal in mind. WannaCry, in contrast, was wildly indiscriminate - it would infect anything and everything it could, the report said.

With more than 200,000 machines infected, it's a bad return, the report said. This relief was however short lived as the attackers froze more files and demanded ransom from operators of several computers in over 150 countries including U.S.

The most disruptive attacks were reported in the United Kingdom, where hospitals and clinics were forced to turn away patients after losing access to computers.