Clues point to possible North Korean involvement in massive cyberattack
Security researchers have found digital clues in the malware used in last weekends global ransomware attack that might indicate North Korea is involved, although they caution the evidence is not conclusive.
An early version of the WannaCry ransomware that affected more than 150 countries and major businesses and organizations shares a portion of its code with a tool from a hacker group known as Lazarus, which researchers think is linked to the North Korean government.
This implies there is a common source for that code, which could mean that North Korean actors wrote Wannacry or they both used the same third-party code, said John Bambenek, threat research manager at Fidelis Cybersecurity.
White House homeland security adviser Thomas Bossert said Monday that investigators were still working to determine who was behind the attack, which infects computers with a virus that encrypted data and is accompanied by a demand that victims pay a ransom to decrypt it. Thats the attribution that were after right now, he said at a White House briefing. It will be very satisfying for me and for all of our viewers, I think, that if we find them that we bring them to justice. . . . I dont want to say we have no clues. . . . The best and the brightest are working on that.
https://www.washingtonpost.com/world/global-markets-shrug-off-fears-after-massive-cyberattack/2017/05/15/16265198-3958-11e7-9e48-c4f199710b69_story.html?hpid=hp_hp-top-table-low_cyberattack1152pm%3Ahomepage%2Fstory&utm_term=.114646ffb72b