On 16 September 2019, it is reported that the Us Treasury announced sanctions on the group trio from North Korea responsible for the WannaCry ransomware attacks.
These groups are suspected of having carried attacks on international financial institutions and jeopardized user accounts’ data integrity.
It is alleged that RGB, North Korean intelligence Bureau, controls these groups named as Lazarus Group, Andariel, and Bluenoroff. Lazarus Group attacks focus on Institutions like governments, military, financial, manufacturing, and entertainment
US Treasury Statement on Imposed Sanctions
WannaCry Malicious software has been used to attack more than 200,000 computer systems around the world. Cryptoworm Targeted Microsoft Windows Operating System in 2017 and demanded payments in Bitcoin after illegally encrypting data.
Kaspersky Lab researcher Kurt Baumgartner said that they linked WannaCry to Lazarus Group since some code in an earlier version of WannaCry matched that of programs used by Lazarus.
The US Treasury Undersecretary for Terrorism and Financial Intelligence, Sigal Mandelker stated:
“The Treasury is taking action against North Korean hacking groups that have been perpetrating cyberattacks to support illicit weapon and missile programs. We will continue to enforce existing US and UN sanctions against North Korea and work with the international community to improve the cybersecurity of financial networks.”
The sanctions state that people involved in transactions with the designated entities will be exposed to designation:
“All property and interests in property of these entities and of any entities that are owned, directly or indirectly, 50 percent or more by the designated entities, that are in the United States or in the possession or control of US persons, are blocked and must be reported to OFAC.”
Cryptoworm Ransomware Attacks
In 2017, Lazarus was directly linked to cyber attacks in the US, Russia, Australia, New Zealand, Canada, and the UK.
One of the largest agencies targeted by Cryptoworm was the National Health Service (NHS) in the UK. It affected Close to 70,000 devices like MRI scanners, blood-storage devices, and theater equipment.
The attacks by Cryptoworm stopped a few days after Microsoft released emergency patches and a kill switch that prevented the malware from spreading further.
There have been no arrests or convictions so far, even with an estimated loss of billions of dollars.
Comments