North Korea behind WannaCry ransomware attack

The US government has officially accused North Korea of ​​supporting the creation of the WannaCry ransomware attack in mid-2017.

WannaCry is a cyber security disaster that occurred in May 2017 on a global scale, causing billions of dollars in damage and greatly affecting not only many large companies and corporations in the world but also public systems such as hospitals, train stations, airports... in many countries.

After predictions, according to the Wall Street Journal, the US government has just officially accused North Korea of ​​being behind the WannaCry disaster. Thomas P. Bossert, US homeland security advisor, said that the North Korean government must be directly responsible for the widespread attacks, causing billions of dollars in damage. WannaCry is believed to have been carried out by a hacker group called Lazarus, under the direction of the North Korean government.

When the disaster occurred in May, the UK health system was the first target of this hacker group. Then this ransomware spread all over the world. It is estimated that millions of computers in many businesses around the world were affected by the WannaCry malware.

The US believes North Korea is behind the WannaCry ransomware attack. Photo: WSJ

The Lazarus hacker group was also accused of masterminding the 2014 attack on Sony Pictures, which resulted in the leak of a series of important documents from the company. The reason was said to be because the company produced the film Interview, which was about the assassination of the North Korean leader.

In addition to the recent US statement, the British government has also speculated that North Korea backed and created the WannaCry disaster. Even Microsoft has said that North Korea is involved in this ransomware attack. In addition to accusing North Korea of ​​being behind WannaCry, the US government has also stated that they will continue to apply pressure and have a strategy to prevent other similar cyberattacks.

WannaCry is a variant of ransomware, also known as WannaCrypt0r 2.0 or WCry, which began spreading worldwide on May 11. This malware can spread to vulnerable computers without requiring users to directly interact with malicious attachments or links.

After infection, WannaCry encrypts data on the user's computer with office file formats, multimedia files, programming source code, encryption certificates or graphic files... Then displays a ransom notice in Bitcoin to decrypt and rescue the data.

Vietnam is in the top 20 most affected countries and territories, along with Ukraine, India, China, Taiwan...

According to VNE