Cyber attack clues point to N Korea as suspect

Dhaka,  Mon,  24 July 2017
Published : 16 May 2017, 15:24:54
printer

Cyber attack clues point to N Korea as suspect

Cyber attack clues point to N Korea as suspect
Intelligence officials and private security experts say that new digital clues point to North Korean-linked hackers as likely suspects in the sweeping ransomware attacks that have crippled computer systems around the world, according to The New York Times.

The indicators are far from conclusive, the researchers warned, and it could be weeks, if not months, before investigators are confident enough in their findings to officially point the finger at Pyongyang’s increasingly bold corps of digital hackers. The attackers based their weapon on vulnerabilities that were stolen from the National Security Agency and published last month.

Security experts at Symantec, which in the past has accurately identified attacks mounted by the United States, Israel and North Korea, found early versions of the ransomware, called WannaCry, that used tools that were also deployed against Sony Pictures Entertainment, a Bangladesh Central Bank last year and Polish banks in February. American officials said Monday that they had seen the same similarities.

All of those attacks were ultimately linked to North Korea; President Barack Obama formally charged the North in late 2014 with destroying computers at Sony in retaliation for a comedy, “The Interview,” that envisioned a C.I.A. plot to kill Kim Jong-un, the country’s president.

The computer code used in the ransomware bore some striking similarities to the code used in those three attacks. That code has not been widely used, and has been seen only in attacks by North Korean-linked hackers. Researchers at Google and Kaspersky, a Moscow-based cybersecurity firm, confirmed the coding similarities.

Those clues alone are not definitive, however. Hackers often borrow and retrofit one another’s attack methods, and government agencies are known to plant “false flags” in their code to throw off forensic investigators.

“At this time, all we have is a temporal link,” said Eric Chien, an investigator at Symantec who was among the first to identify the Stuxnet worm, the American- and Israeli-led attacks on Iran’s nuclear program, and North Korea’s effort to steal millions from the Bangladeshi bank. “We want to see more coding similarities,’’ he said, “to give us more confidence.’’

The new leads about the source of the attacks came as technology executives d raised an alarm about another feature of the attacks: They were based on vulnerabilities in Microsoft systems that were found by the N.S.A. and apparently stolen from it.

 
ADDRESS
Editor : A.H.M Moazzem Hossain
Published by the Editor for International Publications Limited from Tropicana Tower (4th floor), 45, Topkhana Road, GPO Box : 2526 Dhaka- 1000 and printed by him from City Publishing House Ltd., 1 RK Mission Road, Dhaka-1000.
Telephone : PABX : 9553550 (Hunting), 9513814, 7172017 and 7172012 Fax : 880-2-9567049
Email : editor@thefinancialexpress-bd.com, fexpress68@gmail.com
Copyright © 2017. All rights reserved
Powered by : orangebdlogo
close