![]() This Bureau seems to lead the cyber warfare “charge” of NK. Subsequently, this is part of the Reconnaissance General Bureau, NK’s CIA or MI6 equivalent. Internally known as the “ 414 Liaison Office” according to North Korean defector Kim Kuk-song. In short, Lazarus’s current mission appears to be an extension of North Korea’s will to acquire foreign currency. The group first seemed to enter the public eye in or around 2009. Subsequently, they operate under a wide range of monikers from “APPLE WORM”, “GROUP 77”, and the “GUARDIANS OF PEACE”. Above all, the group mainly performs targeted offensive cyber operations. “The intelligence community will probably take away from this that there is a possibility of splinters in the Lazarus Group, or members who are interested in filling their own pockets, and that could help,” Thakur said.The Lazarus Group is an offensive component of North Korea’s cyber warfare strategy and operations. If the hackers’ main objective was to earn money on the side, that would suggest an undisciplined hacking operation run by North Korea, one that could be exploited and weakened by the country’s many foes. Thakur said a less likely scenario is that Lazarus’ main aim was to create chaos by distributing WannaCry. SEE ALSO: Best cybersecurity solutions for keeping threats at bay ![]() It is also possible the writer in question was a contractor in another country, he said. Source: Shutterstockīeau Woods, deputy director of the Cyber Statecraft Initiative at the Atlantic Council, said the Korean language used in some versions of the WannaCry ransom note was not that of a native speaker, making a Lazarus connection unlikely.īut Thakur said some hackers deliberately obfuscate their language to make tracing them harder. WannaCry exploited a Windows networking protocol, which allowed the ransomware to spread within networks. The Shadow Brokers endorsed that theory, perhaps to take heat off their own government backers for the disaster. intelligence believe to be affiliated with Russia.Īnalysts have been weighing in with various theories on the identity of those behind WannaCry, and some early evidence had pointed to North Korea. That program was among a batch leaked or stolen and then dumped online by a group calling itself The Shadow Brokers, who some in U.S. SEE ALSO: Real winners of the WannaCry ransomware attack? Insurance companies The most effective version of WannaCry spread via a flaw in Microsoft Windows and a program that took advantage of it that had been used by the US National Security Agency, officials said privately. With WannaCry, Thakur said, Lazarus Group members could have been moonlighting to make extra money, or they could have left government service, or they could have been contractors without direct obligations to serve only the government. By custom, Symantec does not attribute cyber campaigns directly to governments, but its researchers did not dispute the common belief Lazarus works for North Korea. ![]() Lazarus is the name many security companies gave to the hacking group behind the Sony attack and others. “We don’t think this is an operation run by a nation-state.” “Our confidence is very high this is the work of people associated with the Lazarus Group because they had to have source code access,” Thakur said in an interview. SEE ALSO: Asia Pacific braces for next wave as cyberattack fallout continues The United States government and private companies have accused North Korea in the 2014 Sony attack.Īt the same time, flaws in the WannaCry code, its wide spread and its demands for payment in the electronic bitcoin before files are decrypted suggest the hackers were not working for North Korean government objectives in this case, said Symantec‘s security response technical director Vikram Thakur. In addition, the same Internet connection was used to install an early version of WannaCry on two computers and to communicate with a tool that destroyed files at Sony Pictures Entertainment.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |