Photo Credit: Sliman Khader / Flash 90
A hacker wearing a mask sits at a computer. (illustrative)

North Korean hackers were behind the massive global “WannaCry” ransomware attack this past May that struck governmental entities, corporations and infrastructure in at least 150 countries, including Israel.

Affected countries included Russia, Australia, Belgium, France, Germany, Italy, Mexico and the United States in addition to Israel.

Advertisement

Corporations such as British National Healthcare System, FedEx, Spain’s Telefonica and Renault were affected as well as auto manufacturers Nissan and Renault, and global shipper FedEx.

The malware affected Microsoft Windows computers and encrypted files on hard drives, then demanded ransom payments in bitcoin to unscramble the data.

WannaCry and a second, similar ransomware, Petya, that followed a month later, were both spread around the world through Eternal Blue – a tool that was created by the National Security Agency and leaked online by the Shadow Brokers.

Amit Serper, Principal Security Researcher at an Israeli cybersecurity start-up called Cybereason, developed a “vaccination” against Petya that disables the ransomware. His method (RansomFree 2.3.0.0) kills the Petya application before it even starts encrypting files. It is the world’s most widely used free anti-ransomware tool.

Although it was initially believed that WannaCry was a variant of Petya, the U.S. later traced it to North Korea.

“After careful investigation, the United States is publicly attributing the massive WannaCry cyberattack to North Korea,” said Tom Bossert, White House homeland security and counter terrorism chief.

“We do not make this allegation lightly,” he said. “We do so with evidence, and we do so with partners.”

“This was a careless and reckless attack,” Bossert told reporters. “It affected individuals, industry, governments, and the consequences were beyond economic. The computers that were affected badly in the UK and their healthcare system put lives at risk, not just money.”

Other governments and private security firms who agreed with the U.S. findings included Britain, Australia, Canada, New Zealand, and Japan. Bossert told reporters that Microsoft was able to trace the attack to hackers linked to the North Korean government.

He added that a number of tech companies, including Microsoft and Facebook, recently stymied a number of North Korean “cyber exploits” that were infecting computers around the world. “They shut down accounts the North Korean regime hackers used to launch attacks, and patched systems,” Bossert said.

Cyber defense was among the major issues covered in U.S. President Donald Trump’s new National Security Strategy released earlier this week.

Likewise, it was a major subject for discussion at the weekly government cabinet meeting in Israel earlier this week as well. Prime Minister Benjamin Netanyahu announced at that meeting that the country’s military and civilian cyber defense agencies will soon be merging to form one National Cyber Authority instead.

Advertisement

SHARE
Previous articleNorth Korea Testing Anthrax-Packed Warheads on ICBMs
Next articleIsraeli Farmers, Nurseries Clamoring for Cannabis Permits
Hana Levi Julian is a Middle East news analyst with a degree in Mass Communication and Journalism from Southern Connecticut State University. A past columnist with The Jewish Press and senior editor at Arutz 7, Ms. Julian has written for Babble.com, Chabad.org and other media outlets, in addition to her years working in broadcast journalism.