N.Korea Suspected in Global Ransomware Attack

  • By Park Keon-hyung, Lee Yong-soo

    May 17, 2017 12:23

    A ransomware attack that hijacked computers in vital business and services around the globe since last Friday has been linked to hackers connected to North Korea.

    Global cybersecurity firms have pointed at North Korea as the mastermind behind the latest cyberattack.

    Symantec, Intezer Labs of Israel and Russia's Kaspersky Lab on Monday agreed that a considerable part of the "WannaCry" ransomware is identical with a hacking program used by the Lazarus group, which has ties to North Korea.

    Desperate users whose data had been taken hostage paid some US$70,000 in bitcoin to the hackers, who targeted computers that run on the Windows operating system across 150 countries.


    But in vain. White House Homeland Security adviser Tom Bossert told reporters, "We are not aware of payments that have led to any data recovery."

    He estimated that more than 300,000 computers were taken down around the world.

    A screen that popped up on infected computers demanded $300 to $600 in bitcoin as payments to unlock important files.

    The cost of damage was relatively low despite the wide scope of infection because the ransomware spread chiefly to large organizations using public networks and the outdated Windows XP operating system.

    Meanwhile, the Joint Chiefs of Staff here on Tuesday raised the INFOCON cyber defense alert to a higher level from 4 to 3, a spokesman said.

    "We raised the alert on Sunday in preparation for an attack against the military network by hostile forces on the strength of the spread of ransomware," he added.

    INFOCON is issued by the JCS chairman in response to any sign of cyberattack against the military's computer, wireless and mobile networks. It has five stages in reverse numerical order.

    • Copyright © Chosunilbo & Chosun.com
    Previous Next
    All Headlines Back to Top