Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
×
Security Privacy Windows

NSA Links WannaCry To North Korea (washingtonpost.com) 99

An anonymous reader quotes a report from The Washington Post: The National Security Agency has linked the North Korean government to the creation of the WannaCry computer worm that affected more than 300,000 people in some 150 countries last month, according to U.S. intelligence officials. The assessment, which was issued internally last week and has not been made public, is based on an analysis of tactics, techniques and targets that point with "moderate confidence" to North Korea's spy agency, the Reconnaissance General Bureau, according to an individual familiar with the report. The assessment states that "cyber actors" suspected to be "sponsored by" the RGB were behind two versions of WannaCry, a worm that was built around an NSA hacking tool that had been obtained and posted online last year by an anonymous group calling itself the Shadow Brokers. Though the assessment is not conclusive, the preponderance of the evidence points to Pyongyang. It includes the range of computer Internet protocol addresses in China historically used by the RGB, and the assessment is consistent with intelligence gathered recently by other Western spy agencies. It states that the hackers behind WannaCry are also called "the Lazarus Group," a name used by private-sector researchers.
This discussion has been archived. No new comments can be posted.

NSA Links WannaCry To North Korea

Comments Filter:
  • Oh (Score:5, Insightful)

    by Anonymous Coward on Thursday June 15, 2017 @08:06AM (#54624845)

    How convenient

  • by Anonymous Coward on Thursday June 15, 2017 @08:07AM (#54624849)

    Honestly such hypocrisy and double standards - the nsa hacks get leaked all the time and used for evil but when its another government doing it everyone must get up in arms about it! But as the dumbo in chief always says, its #fakesnews don't believe it folks!

    • I'm sorry, but the NSA doesn't infect healthcare networks with ransomware and demand bitcoin payments. They surely do their fair share of offensive cyber operations, but not like criminals looking to score a buck.

    • It's ironic because the NSA actually made these weapons.
      Also, whoever did wannaCry was seriously amateur. I'm not impressed with the NSA "secret analysis." The NSA is known to be liars for propaganda purposes.
  • Funny! (Score:5, Funny)

    by helsinki92 ( 1617881 ) on Thursday June 15, 2017 @08:08AM (#54624855)
    Pot, meet Kettle. NSA finds the exploit and North Korea weaponizes it and sends it into the wild.
  • Bullshit (Score:5, Insightful)

    by Anonymous Coward on Thursday June 15, 2017 @08:09AM (#54624861)

    I don't beleive anything three letter agencies say any more about this stuff. It's already leaked that they have stockpiled these sorts of voilnerabilities and it was also shown in Wikileaks that they can and do impersonate other countries.

    How do we know this isn't the Military Industrial complex trying to secure more lucrative sales?

    • Re:Bullshit (Score:5, Funny)

      by Anonymous Coward on Thursday June 15, 2017 @08:20AM (#54624919)

      How do we know you're not a paid shill employed by foreign nations to help undermine public trust in American agencies?

    • by Anonymous Coward

      I don't beleive anything three letter agencies say any more about this stuff. It's already leaked that they have stockpiled these sorts of voilnerabilities and it was also shown in Wikileaks that they can and do impersonate other countries.

      How do we know this isn't the Military Industrial complex trying to secure more lucrative sales?

      North Korea is constantly threatening with physical tests using actual missiles. Somehow I don't see how a virtual threat is necessary in order to bolster budget justification to mitigate the risks related to that country and its regime. With threats splashing down closer and closer each year, the justification tends to be rather blatant.

      Besides, I don't think it was them. If their missile program is any indication, they don't have hackers smart enough to execute a virtual attack even with borrowed code.

      • Re: (Score:3, Interesting)

        by DarenN ( 411219 )

        Pyonyang has been financing itself for years by cyber attacks on large banks - they have quite sophisticated hacking abilities. They've also been under sustained cyber attack themselves (if a NK missile goes walkabout on test firing there's a fair chance it was compromised although it's not definite because they do have other quality issues) so I assume that they are reasonably sophisticated in cyber defense.

      • Besides, I don't think it was them. If their missile program is any indication, they don't have hackers smart enough to execute a virtual attack even with borrowed code.

        Even if they had hackers, would they have computers for them?

      • by Anonymous Coward

        > If their missile program is any indication

        Their missile programme actually failed because CIA managed to infect them with a variant of the Tilde (Stuxnet) malware platform previously used against Iran's nuclear effort. For years the communists' rocket test data sets were metodically falsified and confused by the malware before Kaspersky found it. (That's why Senate got angry about Kaspersky last month.) Anyhow, it will take years for DPRK to start everything about big rocketry from sketch! This was dis

    • Re:Bullshit (Score:5, Interesting)

      by Kiaser Zohsay ( 20134 ) on Thursday June 15, 2017 @08:51AM (#54625047)

      The only TLA that applies here is "CYA". I guess they think it's less embarrassing for another state actor to weaponize their leaked vulnerabilities than for some script kiddies scamming for bitcoin to do it.

    • Re:Bullshit (Score:5, Funny)

      by DontBeAMoran ( 4843879 ) on Thursday June 15, 2017 @09:08AM (#54625177)

      I don't believe anything three letter agencies say any more.

      Damn right! Just last week I got a letter telling me my car could have an "accident" in the near future because of "faulty parts". Well, fuck you KIA.

  • Don't believe it (Score:5, Interesting)

    by campuscodi ( 4234297 ) on Thursday June 15, 2017 @08:20AM (#54624923)
    Recored Future is disputing WaPo's findings: https://www.recordedfuture.com... [recordedfuture.com]
    Furthermore, the US seems to be on a PR campaign to blame NK. Yesterday, FBI&DHS put out a report claiming that big bad NK was building a botnet. They put out 8-year-old IOCs: https://www.us-cert.gov/ncas/a... [us-cert.gov]
    Someone's pushing an agenda here...
    • by AHuxley ( 892839 )
      Recall Marble and the language samples? It had Korean. (4/3/2017)
      https://arstechnica.com/securi... [arstechnica.com]
    • Re: (Score:2, Insightful)

      by Anonymous Coward

      The 'agenda' is news media needing something to print.

      - look, studies come & go. Conversations about X and blaming Y happen all the time. ALL the time. But now in the immediate digital news age, if something get's released it is suddenly considered 'real and important'. In the general day-to-day stuff this is 'just another report' and even if factual, is hardly an agenda in itself. I found my wife's secret cookie stash... do I pursue it or is it just a tiny blip on the larger radar screen? I'll do

  • by Anonymous Coward on Thursday June 15, 2017 @08:21AM (#54624927)

    Dennis Rodman just gave the North Koreans a copy of The Art Of The Deal.

  • by Anonymous Coward

    And there I was, thinking that maybe Bezos' money would bring back The Washington Post out of trash journalism and regain some credibility.

    How wrong I was.

  • by zedaroca ( 3630525 ) on Thursday June 15, 2017 @08:37AM (#54624993)

    They are, the NSA, they gave away the vulnerability. They didn't warn M$ when they found the vulnerability. They didn't warn M$ as soon as their weapon was stolen.

    Of course there is no reason to believe any official statements made by them, but the least they should do in this case is to shut up.

  • by JoeyRox ( 2711699 ) on Thursday June 15, 2017 @08:37AM (#54624995)
    Why would a government agency spying on me have a reason to lie?
  • Let me guess... (Score:4, Insightful)

    by Anonymous Coward on Thursday June 15, 2017 @08:37AM (#54624997)

    Oh wait, is Russia no longer the flavor of the month now that they realize the bogus claims won't stick?

    Guess it's time to shoo up a new boogey man.

  • Washington Post, whose Amazon inked a deal with the CIA to bring their operations into the cloud. Lots of free press....
  • Bullshit. The patches from Microsoft that fixed WannaCry were completely done and digitally signed several months before they released them, i.e. they had prior knowledge about it, most likely because NSA told them that the patches were going to be needed, and then served up a gag-order or something to the few people at Microsoft required to do this.

  • dennis rodman is backed by them and now he is in NK doing stuff.

  • This sounds a lot like the government saying that Saddam Hussein had weapons of mass destruction when he did not. This was used to justify a war that maimed an unknown number of men and women mentally and physically. Don't you believe it.
  • If they want people to even pretend to take anything they have to say seriously I feel like their only option is to make a report and fake "leak" it so it feels like we got something out of them that they didn't want. I certainly don't trust this agency to tell me anything and I can't imagine many other technical people do either.

    But if I read it in on the Intercept from a leaked PDF that sends someone to jail I might!

  • As much as I think North Korea is a cancer on the face of the world, and that Kim Jong Un needs to suffer a tragic and fatal 'accident', I don't trust the CIA, NSA, or any other U.S. intelligence agency as far as I could throw them, so who knows if anything is actually true or not.
  • North Korea is so backwatered technology wise. And before you start touting the "bomb", realize the "bomb" is 1950's technology.

    If you can believe, N. Korea only has 28 websites in the entire nation. Then you cannot believe they're capable of everything we conveniently blame on them.
    http://www.npr.org/sections/th... [npr.org]

    • They can make nuclear bombs and chemical weapons (among other things) so, regarding military technology, they’re clearly more advanced than many other countries.

      Additionally, if there is something that’s comparatively inexpensive, and does not require procuring tightly-watched materials, it’s cyber-hacking. So it’s clearly the ideal tool for a small nation with limited means, and it’s only logical that they would invest heavily into it. Not only for geopolitical purposes, but e

      • All of that "bomb" tech is 50-60 years old. Most other countries don't engage in the development of such as it would result in too great of economic loss for them to do so. As most other nations are not like N. Korea, already isolated and out of the international markets.

If you aren't rich you should always look useful. -- Louis-Ferdinand Celine

Working...