NSA Links WannaCry To North Korea (washingtonpost.com) 99
An anonymous reader quotes a report from The Washington Post: The National Security Agency has linked the North Korean government to the creation of the WannaCry computer worm that affected more than 300,000 people in some 150 countries last month, according to U.S. intelligence officials. The assessment, which was issued internally last week and has not been made public, is based on an analysis of tactics, techniques and targets that point with "moderate confidence" to North Korea's spy agency, the Reconnaissance General Bureau, according to an individual familiar with the report. The assessment states that "cyber actors" suspected to be "sponsored by" the RGB were behind two versions of WannaCry, a worm that was built around an NSA hacking tool that had been obtained and posted online last year by an anonymous group calling itself the Shadow Brokers. Though the assessment is not conclusive, the preponderance of the evidence points to Pyongyang. It includes the range of computer Internet protocol addresses in China historically used by the RGB, and the assessment is consistent with intelligence gathered recently by other Western spy agencies. It states that the hackers behind WannaCry are also called "the Lazarus Group," a name used by private-sector researchers.
Oh (Score:5, Insightful)
How convenient
Re:Oh (Score:4, Funny)
Looks like NK needs some democracy [cdn.meme.am]
Re: (Score:2)
NK has gained nothing from this. Maybe a small amount of cash that they can't do much with anyway.
NK is now the default option to blame when you don't have a clue - they deny everything anyway so no-one will take their denial as proof that you are wrong.
It's only bad when they do it, not us!!! (Score:5, Insightful)
Honestly such hypocrisy and double standards - the nsa hacks get leaked all the time and used for evil but when its another government doing it everyone must get up in arms about it! But as the dumbo in chief always says, its #fakesnews don't believe it folks!
Re: It's only bad when they do it, not us!!! (Score:1)
I'm sorry, but the NSA doesn't infect healthcare networks with ransomware and demand bitcoin payments. They surely do their fair share of offensive cyber operations, but not like criminals looking to score a buck.
Re: (Score:2)
Also, whoever did wannaCry was seriously amateur. I'm not impressed with the NSA "secret analysis." The NSA is known to be liars for propaganda purposes.
Funny! (Score:5, Funny)
Bullshit (Score:5, Insightful)
I don't beleive anything three letter agencies say any more about this stuff. It's already leaked that they have stockpiled these sorts of voilnerabilities and it was also shown in Wikileaks that they can and do impersonate other countries.
How do we know this isn't the Military Industrial complex trying to secure more lucrative sales?
Re:Bullshit (Score:5, Funny)
How do we know you're not a paid shill employed by foreign nations to help undermine public trust in American agencies?
Re:Bullshit (Score:4, Insightful)
Well except for all those Bitcoins they just made out of WannaCry (allegedly).
Re: (Score:2)
Re: (Score:1)
I don't beleive anything three letter agencies say any more about this stuff. It's already leaked that they have stockpiled these sorts of voilnerabilities and it was also shown in Wikileaks that they can and do impersonate other countries.
How do we know this isn't the Military Industrial complex trying to secure more lucrative sales?
North Korea is constantly threatening with physical tests using actual missiles. Somehow I don't see how a virtual threat is necessary in order to bolster budget justification to mitigate the risks related to that country and its regime. With threats splashing down closer and closer each year, the justification tends to be rather blatant.
Besides, I don't think it was them. If their missile program is any indication, they don't have hackers smart enough to execute a virtual attack even with borrowed code.
Re: (Score:3, Interesting)
Pyonyang has been financing itself for years by cyber attacks on large banks - they have quite sophisticated hacking abilities. They've also been under sustained cyber attack themselves (if a NK missile goes walkabout on test firing there's a fair chance it was compromised although it's not definite because they do have other quality issues) so I assume that they are reasonably sophisticated in cyber defense.
Re: (Score:2)
Even if they had hackers, would they have computers for them?
Re: (Score:1)
They actually have their own Linux distro: https://en.wikipedia.org/wiki/... [wikipedia.org]
Re: (Score:1)
> If their missile program is any indication
Their missile programme actually failed because CIA managed to infect them with a variant of the Tilde (Stuxnet) malware platform previously used against Iran's nuclear effort. For years the communists' rocket test data sets were metodically falsified and confused by the malware before Kaspersky found it. (That's why Senate got angry about Kaspersky last month.) Anyhow, it will take years for DPRK to start everything about big rocketry from sketch! This was dis
Re:Bullshit (Score:5, Interesting)
The only TLA that applies here is "CYA". I guess they think it's less embarrassing for another state actor to weaponize their leaked vulnerabilities than for some script kiddies scamming for bitcoin to do it.
Re:Bullshit (Score:5, Funny)
Damn right! Just last week I got a letter telling me my car could have an "accident" in the near future because of "faulty parts". Well, fuck you KIA.
Don't believe it (Score:5, Interesting)
Furthermore, the US seems to be on a PR campaign to blame NK. Yesterday, FBI&DHS put out a report claiming that big bad NK was building a botnet. They put out 8-year-old IOCs: https://www.us-cert.gov/ncas/a... [us-cert.gov]
Someone's pushing an agenda here...
Re: (Score:3)
https://arstechnica.com/securi... [arstechnica.com]
Re: (Score:2, Insightful)
The 'agenda' is news media needing something to print.
- look, studies come & go. Conversations about X and blaming Y happen all the time. ALL the time. But now in the immediate digital news age, if something get's released it is suddenly considered 'real and important'. In the general day-to-day stuff this is 'just another report' and even if factual, is hardly an agenda in itself. I found my wife's secret cookie stash... do I pursue it or is it just a tiny blip on the larger radar screen? I'll do
This dynamic will soon change (Score:4, Funny)
Dennis Rodman just gave the North Koreans a copy of The Art Of The Deal.
Re: (Score:2)
History is repeating itself as farce.
Wow (Score:1)
And there I was, thinking that maybe Bezos' money would bring back The Washington Post out of trash journalism and regain some credibility.
How wrong I was.
You know who else is linked to WannaCry? (Score:5, Insightful)
They are, the NSA, they gave away the vulnerability. They didn't warn M$ when they found the vulnerability. They didn't warn M$ as soon as their weapon was stolen.
Of course there is no reason to believe any official statements made by them, but the least they should do in this case is to shut up.
Re: (Score:2)
*I realize there was no official statement.
Re:You know who else is linked to WannaCry? (Score:5, Informative)
“NSA identified a risk and communicated it to Microsoft, who put out an immediate patch,” Mike McNerney, a former Defense Department cybersecurity official, told the Post.
It became public that they were stolen in August, when did they warn Microsoft? The "immediate patch" came in march, 8 months after everybody knowing about it.
I trust the NSA implicitly (Score:5, Interesting)
Let me guess... (Score:4, Insightful)
Oh wait, is Russia no longer the flavor of the month now that they realize the bogus claims won't stick?
Guess it's time to shoo up a new boogey man.
What would expect from Jeff Bezos (Score:2)
BS. Microsoft knew about WannaCry 6 months prior (Score:1)
Bullshit. The patches from Microsoft that fixed WannaCry were completely done and digitally signed several months before they released them, i.e. they had prior knowledge about it, most likely because NSA told them that the patches were going to be needed, and then served up a gag-order or something to the few people at Microsoft required to do this.
so use potcoin and lose your rights (Score:2)
dennis rodman is backed by them and now he is in NK doing stuff.
I don't believe it (Score:2)
NSA should do fake leaks for stuff like this (Score:2)
If they want people to even pretend to take anything they have to say seriously I feel like their only option is to make a report and fake "leak" it so it feels like we got something out of them that they didn't want. I certainly don't trust this agency to tell me anything and I can't imagine many other technical people do either.
But if I read it in on the Intercept from a leaked PDF that sends someone to jail I might!
Not sure I can trust anyone but myself anymore (Score:3)
Re: (Score:2)
I'd trust anyone who could drive at 3, and win yacht races at 9. Or anyone that could write 1,500 books in 3 years while attending University. He truly is history in the making [telegraph.co.uk].
His family is all sorts of incredible. There's pro-golfers that - in their first game - scored 15 points on an 18-hole course. Who wouldn't trust someone like that?
Re: (Score:2)
And likely find the sky to be black or red, but nearly any color besides blue.
Granted, I hear NASA is trying to change the color of the sky.
I don't buy it... (Score:2)
North Korea is so backwatered technology wise. And before you start touting the "bomb", realize the "bomb" is 1950's technology.
If you can believe, N. Korea only has 28 websites in the entire nation. Then you cannot believe they're capable of everything we conveniently blame on them.
http://www.npr.org/sections/th... [npr.org]
I do! (Score:1)
They can make nuclear bombs and chemical weapons (among other things) so, regarding military technology, they’re clearly more advanced than many other countries.
Additionally, if there is something that’s comparatively inexpensive, and does not require procuring tightly-watched materials, it’s cyber-hacking. So it’s clearly the ideal tool for a small nation with limited means, and it’s only logical that they would invest heavily into it. Not only for geopolitical purposes, but e
Not really... (Score:2)
All of that "bomb" tech is 50-60 years old. Most other countries don't engage in the development of such as it would result in too great of economic loss for them to do so. As most other nations are not like N. Korea, already isolated and out of the international markets.