Is North Korea Really Responsible for the WannaCry Malware Attack?

northkorea-wannacry

According to some of the top cybersecurity researchers, like Symantec, Kaspersky Lab and Google, there seems to be some technical evidence that the WannaCry malware attack that is infecting and wrecking havoc on more than 300,000 computers in over 150 countries, has a connection to the North Korean-run hacking operation known as the Lazarus Group.

The Lazarus Group, which has widely been regarded as a Korean nation-state hacking group, that has been blamed for a recent string of bank heists and well as the 2014 Sony hack.

First Links To Suspicion

Speculation of a possible North Korea connection went live today after Google researcher Neel Mehta posted a cryptic tweet showing similar code elements of the two pieces of malware, with the hashtag #WannaCryptAttribution, and researcher Matthiu Suiche then tweeted a screenshot of the two code families, saying, “Similitude between #WannaCry and Contopee from Lazarus Group ! thx @neelmehta – Is DPRK behind #WannaCry ?”

After the intriguing tweets, Kaspersky Lab late today posted a blog outlining the similarities between the WannaCry and Lazarus Group code. They confirmed that the February ransomware variant is a precursor to the WannaCry attacks this month. “It shares the same the list file extension targets for encryption but, in the May 2017 versions, more extensions were added,” they wrote.
“Neel Mehta’s discovery is the most significant clue to date regarding the origins of Wannacry,” Kaspersky researchers wrote. But they say more research is necessary to more definitively connect any dots.

Source: Researchers Investigate Possible Connection Between WannaCry and North Korean Hacker Group

reuters-wannacry-howitworks-xl

The Link? Shared Computer Code

Apparently, a variant of WannaCry found in February shared some computer code with a hacking tool the Lazarus group used in 2015.

“For now, more research is required into older versions of Wannacry,” Kaspersky Lab said in a blog post. “We believe this might hold the key to solve some of the mysteries around this attack.”

On Monday, security firm Symantec also reported finding clues that may link WannaCry with the shadowy group. It’s found earlier versions of the ransomware on machines that have been compromised by hacking tools used by Lazarus, according to Vikram Thakur, technical director at the company.
“Shortly after these tools were found on these machines, we could see WannaCry files showing up,” he said.

 Source: The WannaCry ransomware might have a link to North Korea

 

Still Just Suspicions, No Smoking Gun…Yet.

Some experts also report that the evidence is very circumstantial. And that it’s not uncommon for tools used in other hacks or often leaked on the internet so anyone interested could also use the shared code.

A screenshot shows a WannaCry ransomware demand, provided by cyber security firm Symantec, in Mountain View, California, U.S. May 15, 2017. Courtesy of Symantec/Handout via REUTERS ATTENTION EDITORS - THIS IMAGE WAS PROVIDED BY A THIRD PARTY. EDITORIAL USE ONLY. NO RESALES. NO ARCHIVE.?
A screenshot shows a WannaCry ransomware demand, provided by cyber security firm Symantec, in Mountain View, California, U.S. May 15, 2017. Courtesy of Symantec/Handout via REUTERS ATTENTION EDITORS – THIS IMAGE WAS PROVIDED BY A THIRD PARTY. EDITORIAL USE ONLY. NO RESALES. NO ARCHIVE.?

Hackers do reuse code from other operations, so even copied lines fall well short of proof.

U.S. and European security officials told Reuters on condition of anonymity that it was too early to say who might be behind the attacks, but they did not rule out North Korea as a suspect.

FireEye Inc (FEYE.O), another large cyber security firm, said it was also investigating a possible link.
“The similarities we see between malware linked to that group and WannaCry are not unique enough to be strongly suggestive of a common operator,” FireEye researcher John Miller said.

Source: Researchers See Possible North Korea Link To Global Cyber Attack

 

Looks like we have to wait and see if the evidence the cybersecurity researchers come up with can say definitively whether or not who was the real culprit in these attacks. You can, however, rest assured knowing that some of the best and brightest are on the case and will get to the bottom of this.

View our CyberSecurity section for more stories like this and other cybersecurity news.

 

New Cybersecurity Tool To Help HR Find Qualified Applicants

cybersecurity-skills-assesment-testingWhat’s going on with the CyberSecurity Industry’s talent, or lack thereof?

In today’s tech climate, not only are there 80,000 Entry-Level, Non-Sexy Tech Jobs that Undergrads Don’t Want, as we saw in yesterday’s post, but it looks like when they finally do apply the majority of applicants turn out to be unqualified.

“On average, 59 percent of enterprises get at least five applicants for each open cybersecurity position, but most of these applicants are unqualified,” the report states.

Most organizations surveyed are focused on hiring cybersecurity experts who have hands-on experience and certification rather than formal education. But, according to the report, in a newly burgeoning field, that’s hard to find.

“Almost 27 percent of respondents state that they are unable to fill open cybersecurity positions in their enterprises—with another 14 percent of respondents unaware as to whether their enterprises could fill these positions or not,” the report states.
Source: REPORT: INDUSTRY GROUP RAISES ALARM ABOUT CYBERSECURITY SKILLS GAP

Help is Available

But ISACA is looking to fix that by helping HR departments find the most qualified it pros with their certification platform, which provides a 2-hour test that will report on strength and weaknesses of a candidate as well as offer performance based online training.

“It is all virtual machines, which means in each particular lab you’re talking to a real firewall, a real DMZ, a real web server, a real database server, whatever the configuration happens to be,” Chief Innovation Officer Frank Schettini explained to Associations Now. “And they’re actually up and live up in the cloud, so it is actually a real-time lab.”
Source: NEW TOOL LETS HR TEST APPLICANTS’ CYBERSECURITY SKILLS

Streamlining The Process

It helps HR easily test competencies of a cybersecurity candidate as well as letting managers improve their existing IT employees.

“Now instead of going through a process of blindly hiring someone, you go through the process of having them run the skills assessment test, reading the results, and then deciding whether you want to hire the individual,” Schettini said.

“What this tool allows you to do is … know up front before you hire them what type of training investment you’re going to want to do to bring them on board,” he continued. “So the hiring process becomes much more straightforward—you know what you’re getting, you know what training program you want to set up—and the beauty of the platform is you can leverage the platform any way you want to set up that training program.”

Source: NEW TOOL LETS HR TEST APPLICANTS’ CYBERSECURITY SKILLS

Hopefully, this tool, along with a real concerted effort to teach the much-needed cybersecurity skills to the new crop of it professionals, will help us close our rather large current skills gap.

You can always come here for the latest news for IT and Telecom Professionals

The $80,000 Entry-Level, Non-Sexy Tech Jobs Undergrads Don’t Want

usd-undergradsAshton Mozano, a cybersecurity professor at the University of San Diego, details how most of the undergrads with a computer science or computer engineering degree, would rather create new products and technologies for Apple and Google than design and operate systems that spot, resist and alleviate a variety of attacks, than work in the non-sexy realm of cybersecurity despite the fact that most of the jobs, pay extremely well with the some of the  lower-level positions paying as much as $80,000 a year. Management positions can top $235,000!

The nation’s colleges and universities are scrambling to add courses to prepare students to fill the huge number of cybersecurity jobs that have arisen due to exponential growth in hacking worldwide. The extent of the problem isn’t clear; analysts say the number of job vacancies ranges from 100,000 to 350,000, with as many as 45,000 positions in California. Ashton Mozano, a cybersecurity professor at the University of San Diego, says there are thousands of $80,000 entry-level jobs available to applicants who have nothing more than an undergraduate degree in computer science or computer engineering. Tons of $80,000 entry-level jobs going ignored – The San Diego Union-Tribune

 

Check here for more IT Pro news

IT Pros, Are These The Best Reporting Tool Vendors in 2017?

big-data-tools

IT Pros and their tools

It’s been said that the best investment is in the tools of one’s own trade and let’s face it, as an IT Professional, there are plenty of tools that are needed to do an effective job.

Tools that help you monitor the network and scan for vulnerabilities, to tools that help you manage, troubleshoot and diagnose your systems and applications.

Here’s IT Central Station’s list of the Best Reporting Tools Vendors for 2017?

Are These The Best Reporting Tools For IT Professionals in 2017

IT Central Station

Over 202,381 professionals have used IT Central Station research on enterprise tech. Their site lets it pros compare the tools based on product reviews, ratings, and comparisons. All of their reviews and ratings are from real users, validated by their triple authentication process.

 

#5 IBM Cognos

Cognos Software is IBM’s Business Intelligence and Performance Management solution, offering BI, strategy management, financial performance, and data analytics applications. Cognos caters to all levels in an organization with products designed for individuals, workgroups, departments, mid-size companies, and big enterprises.

#4 Microsoft BI

Microsoft BI is a business intelligence solution that turns data into insightful and useful business information that is relevant to all levels of the business.

Microsoft BI combines familiar Microsoft tools – Office, SharePoint, and SQL server, with extra features for end-users, such as Power View and Power Pivot. This powerful product gives businesses a competitive advantage by allowing end-users to better analyze their data, collaborate and better present their data.

#3 Oracle OBIEE

OBIEE is a multifaceted network of tools that can create a more fluid and better-integrated data flow for your business. This service is actually a platform that is made up of six individual elements, rather than a single tool with multiple features. These services include: presentation catalog, BI presentation service, BI scheduler service, BI server service,administration client, and metadata repository.

The purpose of the OBIEE is to have an entire system for all of your enterprising needs. The various tools within the suite can take your data, organize it, analyze it and then glean the pertinent information from it,sending it on to the relevant parties who can then use it for metrics, pattern analysis, and future projections. The essence of the platform is to integrate your current IT together with their tools in order to give you the overall best return on investment with minimal fiscal obligations.

#2 QlikView

QlikView is a Business Intelligence tool that allows you to keep tabs on all of your business-related information in a clean, clear, and easy to access database that is intuitive to build and simple to navigate. It is ideal for business owners who wish to improve overall output by creating the most productive system possible.

#1 Tableau

Tableau is an enterprise analytics platform that enables your organization to explore trusted data in a secure and scalable environment. It gives people access to intuitive visual analytics, interactive dashboards, and limitless ad-hoc analyses that reveal hidden opportunities and eureka moments alike. Get the security, governance, and management you require to confidently integrate Tableau into your business—on-premises or in the cloud—and deliver the power of true self-service analytics at scale.

Did your favorite make the list?

Check here for more IT Pro news