Daily Report: Evidence Points to North Korea in Ransomware Attack

May 18, 2017

JIM KERSTETTER New York Times

https://www.nytimes.com/2017/05/17/technology/daily-report-evidence-points-to-north-korea-in-ransomware-attack.html?smprod=nytcore-iphone&smid=nytcore-iphone-share

It didn’t take long for researchers to start drawing connections from the ransomware attack that raced around the world over the last five days to earlier episodes, including attacks on Polish banks and the assault on Sony Pictures in 2014.

The common thread, according to the researchers? North Korea.

Workers at the Korea Internet and Security Agency in Seoul, South Korea, monitored the spread of ransomware cyberattacks on Monday. Credit Yonhap

Workers at the Korea Internet and Security Agency in Seoul, South Korea, monitored the spread of ransomware cyberattacks on Monday. Credit Yonhap

North Korea takes its hacking seriously. Students are selected at an early age for their aptitude and are groomed for the work, similar to the way young athletes or musicians are cultivated in other nations. The students are often educated in other countries, where they frequently work in legitimate jobs.

On command, these sleeper cells activate and hit their targets.

Placing its hackers in other countries acts as a sort of advanced war planning for North Korea. If the country should enter a conflict, the hackers can be called to attack opponents’ computer networks. And if China were to cut off North Korea’s limited internet access, the hackers would still be able to do their work.

China, one of North Korea’s few trading partners and its chief enabler, was among the worst hit by the ransomware attack. If the links from the global ransomware attack are confirmed, researchers will be watching for retribution.