If WannaCry is a NSA creation, is this report of a US cyber security company (FireEye) linking a Vietnamese government hacker group (APT32) to cyber-espionage hacking, throwing a stone in the opposite direction, taking the heat off of the NSA?
According to an US cybersecurity company, a group of hackers allegedly linked to the Vietnamese government have targeted transnational companies, foreign governments, journalists and others in a cyberattack.
Vietnamese Government Allegedly Involved in Cyberattacks on Foreign Companies
https://sputniknews.com/world/201705151053627929-government-vietnam-cyberattacks/
A group of hackers allegedly linked to the Vietnamese government have targeted transnational companies, foreign governments, journalists and others in a cyberattack, the motive behind which was espionage, US cybersecurity company FireEye said in a report.
“Based on incident response investigations, product detections, and intelligence observations along with additional publications on the same operators,
FireEye assesses that APT32 is a cyber-espionage group aligned with Vietnamese government interests. The targeting of private sector interests by APT32 is notable and FireEye believes the actor poses significant risk to companies doing business in, or preparing to invest in, the country,” the report, published on Monday, reads.
According to the report, Vietnamese, US, Philippine and European companies fell victim to the attacks by the so-called APT32 group (also known as the OceanLotus Group) from 2014 to 2017.
In response to the FireEye’s report, Hanoi refuted the allegations and denied its involvement in any kind of the cyber espionage.
The Government of Viet Nam does not allow any form of cyber-attacks against organizations or individuals … All cyber-attacks or threats to cybersecurity must be condemned and severely punished in accordance with regulations and laws," the Vietnamese Foreign Ministry’s spokesperson said, as quoted by the CNBC broadcaster.
In April, the international police cooperation agency Interpol said that its anti-cybercrime operation in Southeast Asia showed that around 270 websites in the region, among them several government portals with information on citizens, were laden with a malware code.
According to Interpol, almost 9,000 command and control servers in eight member states of the Association of Southeast Asian Nations (ASEAN), which Vietnam is a part of, were compromised through ransomware, DDoS attacks and spam.
Institutions of the European Union have not been affected by recent global cyberattacks, the European Commission's spokesman, Margaritis Schinas, said Monday.
No EU Institution Hit by Global Cyberattack
https://sputniknews.com/science/201705151053624993-eu-global-cyberattack/
According to Schinas,
the European Commission has received no reports from any of the EU institution or agency on the attacks.
Last Friday, the Kaspersky Lab IT company registered about 45,000 ransomware attacks in 74 countries worldwide, with the largest number of targets in Russia. The company reported that the attack was carried out with the use of ransomware dubbed WannaCry. The malicious software has reportedly infected computers in up to a hundred countries and tried to extort users' money.
On Sunday, Europol Executive Director Rob Wainwright said that the global cyberattack may continue on Monday. According to Wainwright, the attack affected 200,000 users in 150 countries, including businesses and large corporations.
According to Microsoft, the ransomware, which was used in a recent major cyberattack, originated in the United States.
A government structure is unlikely behind the recent ransomware cyberattacks across the world, former CIA Deputy Director Michael Morell stated in an interview on Monday.
Global Cyberattack Unlikely State Sponsored - Ex-CIA Chief
https://sputniknews.com/science/201705151053638030-globa-cyberattack-cia-morell/
Morell stated that the recent cybercrime was the largest in history.
"I don't think this was a nation state. I think this was organized crime, I think this was cybercrime," Morell told CBS News. "They're demanding ransom in order to free up the data that they're encrypting, I think that underscores that."
Earlier on Monday, US President Donald Trump’s Homeland Security Adviser Tom Bossert said he does not rule out that a state actor can be behind cyberattacks.
However, the Microsoft said earlier in the day that the current virus originates from that developed by the NSA.
Cybercriminals of the recent major ransomware attack that affected dozens of countries gathered more than $42,000 from users, media reported Monday.
Perpetrators of Friday Worldwide Cyberattack Extorted Over $42,000
https://sputniknews.com/science/201705151053624825-cyberattack-perpetrators-money/
According to The Times newspaper,
the money has not been withdrawn from the accounts that victims of the cyberattack were asked to send money from in the form of bitcoin cryptocurrency, while law enforcement authorities continue to monitor the accounts.
The UK National Crime Agency reportedly cooperates with the Europol and the UK Government Communications Headquarters’ National Cyber Security Centre in tracing the hackers.
According to security officials, the attack was more likely performed by criminals rather than sponsored by a state, the newspaper specified.
Since Friday, 200,000 computers across 150 countries were hit by the ransomware cyberattacks, according to the Europol.
The ransomware, which was used in a recent major cyberattack, originated in the United States thus it is strange to hear accusations of Russia's alleged involvement in the attack, Russian President Vladimir Putin said Monday.
Russia Not Involved in Recent Major Cyberattack, Ransomware Originated in US
https://sputniknews.com/politics/201705151053623712-ransomware-cyberattack-putin/
The hacker attack] is a matter of concern. As for the source of those threats, in my opinion, the Microsoft authorities clearly stated… that the special services of the United States were the primary source of this virus. Russia has nothing to do with it. I am surprised to hear anything else in these circumstances," Putin said at a press conference at the end of his visit to China.
Putin stressed that the current situation served as a good example of searching for someone guilty in a wrong place.
There have been no new WannaCry ransomware attacks so far but the risk still remains, the UK National Crime Agency said Monday.
Risk of New WannaCry Ransomware Attack Persists - UK National Crime Agency
https://sputniknews.com/science/201705151053635475-risk-wannacry-attack-uk/
"We haven’t seen a second spike in #WannaCry #ransomware attacks, but that doesn’t mean there won’t be one," the agency wrote on its Twitter account.
Malicious software, called WannaCry, affected, among other institutions and organizations, the UK public health system NHS, the German state rail company Deutsche Bahn, the Russian Interior Ministry and banks.
The virus blocked computers with messages flashing on the screen demanding money to remove the restriction.
In the aftermath of the global WannaCry ransomware attack, which has spread around the globe like wildfire, a significant number of corporations and public services have found their infrastructure grinding to a halt, unable to operate with unprotected if mission-critical computers taken offline indefinitely. Some of the more prominent examples so far include:
Bank of China ATMs Go Dark As Ransomware Attack Cripples China (Photos - Tweets - Video)
http://www.zerohedge.com/news/2017-05-13/bank-china-atms-go-dark-ransomware-attack-slams-china
NHS: The British public health service - the world's fifth-largest employer, with 1.7 million staff - was badly hit, with interior minister Amber Rudd saying around 45 facilities were affected. Several were forced to cancel or delay treatment for patients.
◦Germany's Deutsche Bahn national railway operator was affected, with information screens and ticket machines hit. Travelers tweeted pictures of hijacked departure boards showing the ransom demand instead of train times. But the company insisted that trains were running as normal.
◦Renault: The French automobile giant was hit, forcing it to halt production at sites in France and its factory in Slovenia as part of measures to stop the spread of the virus.
◦FedEx: The US package delivery group acknowledged it had been hit by malware and said it was "implementing remediation steps as quickly as possible." .
◦Russian banks, ministries, railways: Russia's central bank was targeted, along with several government ministries and the railway system. The interior ministry said 1,000 of its computers were hit by a virus. Officials played down the incident, saying the attacks had been contained.
◦Telefonica: The Spanish telephone giant said it was attacked but "the infected equipment is under control and being reinstalled," said Chema Alonso, the head of the company's cyber security unit and a former hacker.
◦Sandvik: Computers handling both administration and production were hit in a number of countries where the company operates, with some production forced to stop. "In some cases the effects were small, in others they were a little larger," Head of External Communications Par Altan said.
One place which seemed to have emerged relatively unscathed from the global cyber-havoc (aside from the US, which is ironic as it is the U.S. NSA that was created the hacking software) has been China. Or so it seemed due to lack of media reports from the mainland. Now,
courtesy of 95cn.org, and its twitter account, we have the first visual evidence that China too was materially impacted, to the point where not only local ATMs had been taken offline, but Chinese traffic police, immigration authorities and various public security bureaus and schools have suspended normal work until the malware threat is resolved.
Various Chinese traffic police, immigration authorities and Public Security Bureaus were forced to suspend normal work:
A map of the attacks shows that in addition to China, South Korea and Japan have also been seriously impacted. North Korea, however, has managed to squeeze through the cracks so far, perhaps due to the lack of local internet connectivity.
Finally, for those interested,
here is a video courtesy of @hackerfantastic showing what realtime WannaCry infection looks like.
For now it is unclear what if any economic impact this "Biggest Ransomware Attack In History" will unleash on the world. Whatever the final outcome, don't forget to thank the NSA, whose product made all this possible, and which was warned by numerous skeptics, about just this eventuality.
The Wikileaks founder warned the world to update its digital security systems. He was ignored and this is the result.
Worried about ‘WannaCry’? You should have listened to Julian Assange
http://theduran.com/worried-about-wannacry-you-should-have-listened-to-julian-assange/
A widespread computer virus attack known as ‘WannaCry’ has been compromising computers with obsolete operating systems across the world.
This should be the opening sentence of just about every article on this subject, but unfortunately it is not.
The virus does not attack modern computer operating systems, it is designed to attack the Windows XP operating system that is so old, it was likely used in offices in the World Trade Center prior to September 11 2001, when the buildings collapsed. Windows XP was first released on 25 August, 2001.
Furthermore, early vulnerabilities in modern Windows systems were almost instantly patched up by Microsoft as per the fact that such operating systems are constantly updated.
The obsolete XP system is simply out of the loop.
A child born on the release date of Windows XP is now on the verge of his or her
17th birthday. Feeling old yet?
With the amount of money governments tax individuals and private entities, it is beyond belief that government
organisations ranging from some computers in the Russian Interior Ministry to virtually all computers in Britain’s National Health Service, should be using an operating system so obsolete that its manufacturer, Microsoft, no longer supports it and hasn’t done for some time.
The scathing reality of this attack is that
Julian Assange warned both private and public sectors to be on guard against known vulnerabilities in such systems, vulnerabilities Wikileaks helped to expose. Assange even offered to help companies to get their digital security up to date.
The fact that Assange’s plea fell on deaf ears must bring further shame to all those impacted by the ‘WannaCry’ attacks who refused to listen to Assange and get with the times.
As it is, the technology used in the hacking/malware incident was created by America’s National Security Agency (NSA).
World famous whistle-blower Edward Snowden had something to say about that, If NSA builds a weapon to attack Windows XP—which Microsoft refuses to patches—and it falls into enemy hands, should NSA write a patch?
The fact is that, if only governments and mega-corporations took precautions to ensure actual safety measures were in place, rather than engaging in bogus fear-mongering in order to conceal their own incompetence and lack of modern technology, the people that such bodies are supposed to protect would be safe rather than misled and exposed to threats.
The blame for today’s attack can and should be equally shared by the hackers themselves and by those who patently ignored the warnings of Julian Assange, who advised the wider world to get clever, get secure and get modern upon the release of Vault 7 by Wikileaks.
When there is a wolf at your door, it is unwise to blame the person pointing out the presence of the hungry wolf. Those who attack Julian Assange for pointing out the wolf of un-secured computer systems are doing just that.
