North Korea is considered a rogue state by the most part of the world. The country itself unabashedly embraces this assertion. Apart from carrying out unannounced nuclear tests, North Korea is also supporting the groups of cyber attackers that launch worldwide attacks through different types of malware.
Last year, the US officials publically alleged North Korea to give financial assistance to the operators of WannaCry. North Korea interestingly didn’t deny the claim. Soon after WannaCry attack, a seasoned group of North Korean cybercriminals called Lazarus was identified by security experts. It is believed that the group has minted millions of dollars in the name of ransomware removal by carrying out cryptovirological attacks.
Now, a report published by Voice of America also shows that North Korean cybercriminals are making the most of ransomware. The report was originally furnished by McAfee that indicates that North Korean ransomware operators have purposely targeted over 87 US and European companies in the last two months.
According to experts at McAfee, they have reached this conclusion after identifying technical indicators of these attacks. And their findings suggest that these indicators are interlinked with cyber espionage instigated by North Korea.
Unlike regular ransomware operators who instigate cryptovirological attacks to rip off victims through ransomware removal extortions, North Korean operators are more interested in disrupting digital operations of notable European and US organizations. They are more focused on inflicting downtime and tainting their business reputation instead of getting money from them.
This observation is backed by the fact that all those affected 87 companies didn’t pay a single cent to the attackers for ransomware removal. They dealt with ransomware removal and recovery on their own. Nevertheless, the attacks still affected them in intangible ways.
This recent activity also hints that North Korean ransomware operators are continuously mastering the craft of cryptovirology.