cyber-security 02 November 2017

Pyongyang denies Wannacry attack

North Korea (‘DPRK’) has vehmently denied being behind the ransomware attack Wannacry, which affected more than 300,000 computers worldwide, including the UK’s National Health Service, in May 2017.

The malware held data on computer systems hostage until a ransom of between $300 and $600 in cryptocurrency Bitcoin was paid.

UK Home Office minister Ben Wallace told the BBC in late October than the government was ‘as sure as is possible’ that DPRK was responsible. Early reports into the cyberattack by researchers, such as South Korea’s Hauri Labs, had suggested that the source code from Wannacry software had also appeared in previous programmes used by North Korean hacking operations.

In a statement released on the Central Korean News Agency, a spokesman for the North Korea-Europe Association called the accusations ‘groundless speculation’ and a ‘wicked attempt’ to tighten international sanctions.

‘This is an act beyond the limit of our tolerance and it makes us question the real purpose behind the UK’s move,’ he said.

A succession of tough UN sanctions – implemented in response to Pyongyang’s relentless series of nuclear tests since 2016 – has aimed to starve the regime of funds by closing access to the global financial markets. The latest, Resolution 2375, passed in September 2017, banned the export of certain goods such as textiles, limited oil imports, blocked joint commercial ventures and placed a freeze on work permits for North Koreans abroad.

Cybersecurity experts have indicated that DPRK may have turned to Bitcoin to prop up the regime in the absence of alternative currency. In a report released in September, cybersecurity company Fireeye stated that North Korean actors had targeted at least three South Korean cryptocurrency exchanges since May 2017.