Microsoft fingers North Korea as WannaCry mastermind

The WannaCry malware attack will likely go down as the event which woke the world up to the real potential for cyber-attacks to cripple essential infrastructure, after taking down some parts of UK’s National Health Service for several days and having devastating effects on companies in many other parts of the world.

Now Microsoft president and chief legal counsel Brad Smith has claimed to have identified the entity behind the attacks.

Microsoft President Brad Smith told ITV that he believed “with great confidence” that North Korea was behind the worldwide WannaCry cyberattack using “cyber tools or weapons stolen from the NSA.”

WannaCry affected 200,000 computers in 150 countries but was not very good at being ransomware, with a very poor mechanism for collecting money from victims, and none of the money collected actually being spent.

“I think at this point that all observers in the know have concluded that WannaCry was caused by North Korea using cyber tools or weapons that were stolen from the National Security Agency in the United States,” Smith said.

Shortly after the hack,  prominent Google security researcher Neel Mehta revealed a resemblance between the code used in an early version of WannaCry ransomware, and that in a hacker tool attributed to the Korean Lazarus Group.

In May, a South Korean government-commissioned report produced by the Financial Security Institute (FSI) said that North Korea was responsible for the attack on Sony’s entertainment business in 2014.

According to Smith, over the last six months, the world has “seen threats come to life… in new and more serious way.”

While Microsoft computers were the main target of the WannaCry attacks, they may have been a boon for Microsoft, driving a wave of upgrades as unsupported versions of Windows computers were proven not to just be insecure but an actual threat to business continuity.

Despite this Brad Smith continued his push for a cease-fire in the cyber wars currently ongoing between various actors, including USA, Russia and North Korea.

“We need governments to come together as they did in Geneva in 1949 and adopt a new digital Geneva Convention that makes clear that these cyber-attacks against civilians, especially in times of peace, are off-limits and a violation of international law,” he added.


Some links in the article may not be viewable as you are using an AdBlocker. Please add us to your whitelist to enable the website to function properly.