Cybersecurity researchers have found evidence they say could link North Korea with the WannaCry cyberattack that has infected more than 300,000 computers worldwide, as global authorities scrambled to prevent hackers from spreading new versions of the virus.
A researcher from South Korea’s Hauri Labs yesterday said their findings matched those of Symantec and Kaspersky Lab, which on Monday said that some code in an earlier version of the WannaCry software had also appeared in programs used by the Lazarus Group, identified by some researchers as a North Korea-run hacking operation.
“It is similar to North Korea’s backdoor malicious codes,” said Simon Choi, a senior researcher with Hauri who has done extensive research into the North’s hacking capabilities and advises South Korean police and National Intelligence Service.
Symantec and Kaspersky said it was too early to tell whether Pyongyang was involved in the attacks, based on the evidence that was published on Twitter by Google security researcher Neel Mehta.
The attacks, which slowed on Monday, are among the fastest-spreading extortion campaigns on record.
In Taiwan, the Central News Agency (CNA) said that the cyberattack infected computers in 10 schools, the state-run Taiwan Power Co (台電), a hospital and at least one private business.
However, it caused no damage to the schools’ core database systems.
The business, whose name was not given, reported paying US$1,000 in bitcoin to unlock files held hostage by the program.
There have been no reported incidents of the ransomware affecting government agencies, CNA said.
Chinese Ministry of Foreign Affairs spokeswoman Hua Chunying (華春瑩) said she had no information to share, when asked about the origin of the attack and whether North Korea might be connected.
Several Asian countries have been affected by the malware, although the impact has not been as widespread as some had feared.
In Malaysia, cybersecurity firm LE Global Services said it had identified 12 cases so far, including a large government-linked corporation, a government-linked investment firm and an insurance company. It did not name any of the entities.
Vietnam’s state media said more than 200 computers had been affected.
FireEye Inc, another large cybersecurity firm, said it was also investigating, but it was cautious about drawing a link to North Korea.
“The similarities we see between malware linked to that group and WannaCry are not unique enough to be strongly suggestive of a common operator,” FireEye researcher John Miller said.
US and European security officials said on condition of anonymity that it was too early to say who might be behind the attacks, but they did not rule out North Korea as a suspect.
The Lazarus hackers, acting for North Korea, have been more brazen in their pursuit of financial gain than others, and have been blamed for the theft of US$81 million from the Bangladesh central bank, according to some cybersecurity firms.
The Czech Republic’s Senate on Wednesday passed a resolution that supports a possible visit by the senate president to Taiwan. The resolution, initiated by Czech Senator Pavel Fischer, was passed with 50 votes in favor, one against and one abstention. The resolution blasts Beijing for having its Prague embassy send a letter to former Czech Senate president Jaroslav Kubera earlier this year threatening repercussions for Czech businesses if he visited Taiwan. The resolution shows the Senate’s support for a visit to Taiwan by Senate President Milos Vystrcil, accompanied by Czech business representatives, as the visit would be in the diplomatic long-term interests
The government and the Chinese Nationalist Party (KMT) yesterday both spoke out against plans by the Chinese government to enact a national security law in Hong Kong. Chinese officials yesterday confirmed that the National People’s Congress would review a bill “on establishing and improving the legal system and enforcement mechanisms for the Hong Kong Special Administrative Region to safeguard national security.” The Presidential Office said that the announcement was evidence that the “one country, two systems” framework fundamentally clashes with democratic freedoms. The de-escalation of tensions between Hong Kong and Beijing relies on the Chinese government’s willingness to respond to Hong Kongers’ demands,
STRONGER DEFENSES: The announcement could be considered tacit US support for the nation’s indigenous arms manufacturing program, Joseph Wu told lawmakers Just hours after President Tsai Ing-wen’s (蔡英文) inauguration on Wednesday, the US Department of State’s Defense Security Cooperation Agency announced in Washington the possible sale of 18 MK-48 Heavy Weight Torpedoes to Taiwan. Reacting to the announcement, Minister of Foreign Affairs Joseph Wu (吳釗燮) yesterday told a meeting of the Legislative Yuan’s Foreign Affairs and National Defense Committee that the ministry applauded the US move, which would help to uphold the Taiwan Relations Act (TRA). The TRA states that the US should “provide Taiwan with arms of a defensive character … to maintain the capacity of the US to resist any resort
NPP WARNING: The NPP’s chairman said that a security law proposed by Beijing means it has renounced its promise to maintain ‘one country, two systems’ in HK The Taiwan People’s Party (TPP) yesterday proposed changing the law to provide protection for those seeking political asylum. China at the opening of the National People’s Congress in Beijing on Thursday introduced a draft security law for Hong Kong to ban treason, subversion and sedition, with a review expected next week. TPP caucus whip Jang Chyi-lu (張其祿) said that the party is concerned about democracy advocates in Hong Kong and has taken action to support them. The party has proposed an amendment to Article 18 of the Act Governing Relations with Hong Kong and Macau (香港澳門關係條例), which stipulates that the government can offer