Tuesday, May 16, 2017

Ransomware and Korea's digital divide

Mainstream media and tech blogs are full of reports that the recent massive ransomware cyber attacks may be linked to North Korea.  This episode adds more evidence that Korea's division is both a military and a digital one.  One example of current reporting is The Guardian's report similarities were spotted between details of last week’s massive cyber-attack and code used by a prolific cybergang with links to North Korean government.   The graphic at left (click to see a full size version) shows employees at the Korea Internet and Security Agency (Kisa) in Seoul at work on May 15 monitoring  possible ransomware cyber-attacks.  The Hangul in yellow at the top of the large wall screen says  "공격 현황 "or "attack status" in English.
The Guardian story, notes that  "The WannaCry exploits used in the attack were drawn from a cache of exploits stolen from the NSA by the Shadow Brokers in August 2016. The NSA and other government agencies around the world create and collect vulnerabilities in popular pieces of software (such as Windows) and cyberweapons to use for intelligence gathering and cyberwarfare. Once these vulnerabilities were leaked by the Shadow Brokers, they became available for cybercriminals to adapt for financial gain by creating ransomware. This ransomware spread rapidly on Friday by exploiting a vulnerability contained in the NSA leak, targeting computers running Microsoft’s Windows operating system, taking over users’ files and demanding $300 to restore them."
In response, the president of Microsoft stated that governments should view this massive cyber attack as a wake-up call.  Brad Smith added that “Repeatedly, exploits in the hands of governments have leaked into the public domain and caused widespread damage. An equivalent scenario with conventional weapons would be the US military having some of its Tomahawk missiles stolen.”
I would only add that this latest cyber attack episode underscores that the division on the Korean peninsula is both a military one, symbolized by the 38th parallel DMZ and a deep digital divide.  Quite clearly, North Korea seeks to advance both its missile and nuclear weapons programs and its capacity to wage cyber warfare.

No comments:

Post a Comment