Security officials in South Korea, the United States and elsewhere say it is a well-known fact
that the North Korean authorities have long trained squads of hackers and programmers, both to sabotage computers of adversaries and make money for the government, including through the use of ransomware — malicious software that blackmails victims into paying to release seized files.
Choi Sang-myung, an adviser to South Korea’s cyberwar command and a security researcher at Hauri Inc., said
that the arithmetic logic in the ransomware attacks that began on Friday and have hit more than 100 countries, including China, is similar to that used in previous attacks against Sony Pictures and the Swift international bank messaging system — both of them traced to North Korea.
Focus Turns to North Korea Sleeper Cells as Possible Culprits in Cyberattack -
By CHOE SANG-HUN and PAUL MOZURMAY 16, 2017
SEOUL, South Korea — They take legitimate jobs as software programmers in the neighbors of their home country, North Korea.
While there is still nothing definitive to link the attacks to North Korea, similarities exist between the ransomware
used to extort computer users into paying the hackers and previously deployed North Korean malware codes.
Cybersecurity officials in South Korea and elsewhere say
that when instructions come from their superiors in North Korea, these hackers are activated to attack targets.
