Ending North Korea’s Cyber Impunity Evidence suggests Pyongyang is behind the Wannacry ransomware.


The world will have to take Pyongyang’s hackers as seriously as its nuclear weapons and missile programs. That’s one conclusion from Monday’s evidence from a private cybersecurity firm that North Korean hackers are behind the Wannacry ransomware that froze computers and encrypted data around the world on May 12.

Symantec says it found the digital footprints of the Lazarus Group, a hacking syndicate that took data from Sony Entertainment in 2014 and stole $81 million from Bangladesh’s central bank last year. While computer forensics can’t finger hackers with 100% certainty, the code, techniques and servers point to Pyongyang.

The Symantec findings come as Reuters published new details this week about North Korea’s growing cyberwarfare capabilities. According to a former computer-science professor who defected in 2004, a unit within the country’s spy agency hacks into foreign financial institutions to steal cash. The Wannacry worm demands that victims pay in Bitcoin to get their data back. So far it’s extorted about $100,000. But the North’s hackers are capable and persistent. They appear to have built the worm in part with hacking tools stolen from the U.S. government and released on the internet last month.

State-sponsored hacking for profit is unique to North Korea—a useful reminder that it isn’t so much a country as a criminal syndicate operating for the benefit of the Kim family. As sanctions close off other avenues for earning foreign currency, Pyongyang will likely step up its cyberattacks.

Pyongyang has suffered little retaliation for its cyberwarfare, which includes the hacking of a South Korean nuclear plant. After the Sony attack three years ago, Barack Obama promised to retaliate: “We will respond proportionally, and we’ll respond in a place and time and manner that we choose.” But the follow-through was underwhelming: A few North Korean institutions and individuals were barred from doing business in the U.S.

Last year Congress passed Rep. Ed Royce’s bill to sanction banks facilitating North Korea’s finances, and the Trump Administration can move to implement it. This month a new bill from Rep. Royce to toughen sanctions on the North’s shipping and exports of slave labor passed the House with bipartisan support. That would be another good way to make Pyongyang pay a price for its criminal acts.

Comments are closed.