NHS WannaCry cyber attacks WERE carried out by North Korea-linked hackers called The Lazarus Group, tech sleuths claim

THE NHS hack attack was committed by a group of hackers previously suspected of links to North Korea, experts have discovered.

A reputable tech security firm called Symantec has published fresh research that "strongly" suggests the cyber attack was carried out by The Lazarus Group.


Some experts believe this shadowy organisation is linked to Kim Jong-un himself.

It was responsible for the Sony Pictures Entertainment hack in 2014, which caused major embarrassment for the entertainment firm, as well as attacks on South Korean targets.

At the time of the Sony hack, it was suggested the attack was revenge for the release of a film called The Interview, which mocked the pint-sized North Korean dictator.

Last week, Symantec presented evidence which suggested the Lazarus Group was linked to the NHS attacks and the subsequent global cyber-emergency caused by the WannaCry ransomware.

Now it has uncovered a smoking gun that suggests it's "highly likely that Lazarus was behind the spread of WannaCry".

It performed a detailed analysis of WannaCry and compared it to previous digital weapons used by the Lazarus Group.

Researchers found close similarities between WannaCry and the malware used in previous Lazarus Group attacks.

MOST READ IN TECH AND SCIENCE

CYBER WARNING

Alert issued in UK as Russian hackers set to launch large-scale cyber attacks

DON'T CONNECT

Simple iPhone mistake while outside could get you HACKED in seconds

WHAT LIES BENEATH

Lake could erupt and kill MILLIONS with poison gas cloud, experts warn

DON'T WAIT

iPhone expert reveals privacy setting EVERYONE to stop nosy pals

Symantec wrote: "Prior to the global outbreak on May 12, an earlier version of WannaCry called 'Ransom.Wannacry' was used in a small number of targeted attacks in February, March, and April.

"This earlier version was almost identical to the version used in May 2017, with the only difference the method of propagation.

"Analysis of these early WannaCry attacks by Symantec’s Security Response Team revealed substantial commonalities in the tools, techniques, and infrastructure used by the attackers and those seen in previous Lazarus attacks, making it highly likely that Lazarus was behind the spread of WannaCry."

However, it said the attacks were likely to have been carried out as a form of cybercrime, rather than an act of war by a nation.

Symantec added: "Despite the links to Lazarus, the WannaCry attacks do not bear the hallmarks of a nation-state campaign but are more typical of a cybercrime campaign."

WannaCry is a type of computer virus called ransomware, which locks down computers and will only unlock them when a ransom is paid.

Europol said the global WannaCry assault was the "largest ransomware attack observed in history".

Staff were forced to cancel or postpone operations and appointments as several hospitals and GPs surgeries were crippled by the hack.

Source: Read Full Article