Cybersecurity researchers have found evidence they say could link North Korea with the WannaCry cyber attack that has infected more than 300,000 computers worldwide, as global authorities scrambled to prevent hackers from spreading new versions of the virus.
A researcher from South Korea's Hauri Labs said on Tuesday their own findings matched those of Symantec and Kaspersky Lab, who said on Monday that some code in an earlier version of the WannaCry software had also appeared in programs used by the Lazarus Group, identified by some researchers as a North Korea-run hacking operation.
"It is similar to North Korea's backdoor malicious codes," said Simon Choi, a senior researcher with Hauri who has done extensive research into North Korea's hacking capabilities and advises South Korean police and National Intelligence Service.
Both Symantec and Kaspersky said it was too early to tell whether North Korea was involved in the attacks, based on the evidence that was published on Twitter by Google security researcher Neel Mehta.
The attacks, which slowed on Monday, are among the fastest-spreading extortion campaigns on record.
In China, foreign ministry spokeswoman Hua Chunying said she had no information to share, when asked about the origin of the attack and whether North Korea might be connected.
Several Asian countries have been affected by the malware, although the impact has not been as widespread as some had feared.
In Malaysia, cybersecurity firm LE Global Services said it identified 12 cases so far, including a large government-linked corporation, a government-linked investment firm and an insurance company. It did not name any of the entities.
"We may not see the real picture yet, as companies are not mandated to disclose security breaches to authorities in Malaysia," said LE Global CEO Fong Choong Fook.
"The real situation may be serious. In one of the cases, the attack was traced back to early April."
Vietnam's state media said on Tuesday more than 200 computers had been affected.
Taiwan Power Co. said that nearly 800 of its computers were affected, although these were used for administration, not for systems involved in electricity generation.
EXPERTS URGE CAUTION
FireEye Inc, another large cyber security firm, said it was also investigating, but it was cautious about drawing a link to North Korea.
"The similarities we see between malware linked to that group and WannaCry are not unique enough to be strongly suggestive of a common operator," FireEye researcher John Miller said.
U.S. and European security officials told Reuters on condition of anonymity that it was too early to say who might be behind the attacks, but they did not rule out North Korea as a suspect.
The Lazarus hackers, acting for impoverished North Korea, have been more brazen in their pursuit of financial gain than others, and have been blamed for the theft of $81 million from the Bangladesh central bank, according to some cyber security firms. The United States accused it of being behind a cyber attack on Sony Pictures in 2014.
An official at South Korea's Korea Internet & Security Agency said on Tuesday the agency was sharing information with intelligence officials on recent cases reported for damages but was not in position to investigate the source of the attack.
The official declined to comment on intelligence-related matters.
A South Korean police official that handles investigations into hacking and cyber breaches said he was aware of reports on the North Korean link, but said police were not investigating yet.
Victims haven't requested investigations but they want their systems to be restored, the official said.
North Korea has denied being behind the Sony and banking attacks. North Korean officials were not immediately available for comment and its state media has been quiet about the matter.
Hauri researcher Choi said the code bore similarities with those allegedly used by North Korean hackers in the Sony and bank heists. He said based on his conversations with North Korean hackers, the reclusive state had been developing and testing ransomware programs since August.
In one case, alleged hackers from North Korea demanded bitcoin in exchange for client information they had stolen from a South Korean shopping mall, Choi added.
The North Korean mission to the United Nations was not immediately available for comment on Monday.
While the attacks have raised concerns for cyber authorities and end-users worldwide, they have helped cybersecurity stocks as investors bet governments and corporations will spend more to upgrade their defenses.
Cisco Systems closed up 2.3 percent on Monday and was the second-biggest gainer in the Dow Jones Industrial Average.
Reuters
Tue May 16 2017
A projection of cyber code on a hooded man is pictured in this illustration picture taken on May 13, 2017. REUTERS/Kacper Pempel
Cabul MRSM: Polis selesai rakam keterangan 14 individu
Polis Kelantan telah memanggil 14 individu untuk memberi keterangan berhubung kes pedofilia yang melibatkan seorang guru di MRSM Tumpat.
penjawat awam ditahan polis positif dadah
Seramai 11 penjawat awam antara 30 yang ditahan polis kerana positif dadah di sebuah pusat hiburan di Batu Pahat, awal pagi Ahad.
Inspektor ditahan kerja
Seorang Inspektor polis yang ditahan bagi membantu siasatan kes amang seksual terhadap remaja perempuan berusia 16 tahun, akan dikenakan tindakan tahan kerja.
Enam lagi laporan kes liwat pelajar
Polis tidak menolak kemungkinan beberapa lagi laporan polis akan dibuat oleh mangsa lain selepas seorang ustaz dicekup dipercayai meliwat tiga pelajar lelaki di sebuah pusat tahfiz di Machang.
Polis sahkan Chegu Bard direman dua hari
Polis sahkan Badrul Hisham Shaharin atau lebih dikenali Chegu Bard ditahan dan direman dua hari untuk siasatan mengikut Akta Hasutan 1948.
Mesyuarat Khas WEF di Arab Saudi, PM Anwar & Pemimpin Dunia
Dunia sedang diasak dengan pelbagai masalah dan ramai yang bertanya; apa hala tuju dan ‘Wawasan Baharu’ dunia? Ikuti langsung Perdana Menteri Datuk Seri Anwar Ibrahim, Presiden Rwanda, Paul Kagame, Menteri Ekonomi Arab Saudi, Faisal Alibrahim berkongsi pentas di Mesyuarat Khas WEF berlangsung di Riyadh.
#AWANInews #SpecialMeeting24
#AWANInews #SpecialMeeting24
Landskap pelancongan Labuan alami peremajaan untuk tingkat daya tarikan
Sektor pelancongan merupakan pemacu ekonomi utama dan Jabatan Wilayah Persekutuan (JWP) komited untuk mengukuhkannya.
Nahas helikopter Lumut: Khidmat kaunseling diteruskan bergantung keperluan - Noraini
Hasil pemerhatian mendapati waris mangsa masih bersedih, namun kuat semangat untuk menerima kejadian yang menimpa ahli keluarga mereka.
TH tanggung lebih RM350 juta kos tunai haji tahun ini
Lembaga Tabung Haji menanggung lebih RM350 juta membabitkan kos menunaikan haji menerusi Bantuan Kewangan Haji pada tahun ini.
Mesyuarat Khas WEF, Perdana Menteri dan Pemimpin Dunia
Perdana Menteri Datuk Seri Anwar Ibrahim akan menyampaikan ucapan dalam Sidang Plenari Pembukaan Mesyuarat Khas World Economic Forum (WEF) di Arab Saudi. Ikuti analisis menyeluruh bersama Penganalisis Ekonomi, Fithra Faisal Hastiadi; Ketua Pengarang Astro AWANI, @AshwadIsmail; dan Pengarang Niaga AWANI, @NajibAroff #BuletinAWANIKhas