SEOUL – The South Korean army raised its cyberalert level on Tuesday in the wake of suspicions that North Korea might be behind the WannaCry ransomware attack worldwide last week.
A defense ministry spokesperson confirmed to EFE the monitoring system Information Operations Condition, or INFOCON, focusing on cybersecurity (especially attacks originating in North Korea), raised the alert level one notch, from 4 to 3 – on a scale where 1 is the highest alert level – in the light of the global malware attack.
The spokesperson added military authorities suspect North Korea to be behind the attack after two cyber security agencies detected in WannaCry, a code similar to an earlier attack that was attributed to hackers from the neighboring country.
However, he clarified no South Korean military computers have been infected by the malicious software, and that it has barely affected ten firms in the country so far.
On Monday, two software firms – Symantec and Kaspersky Lab – said part of the programming code of WannaCry’s first version also appeared in programs used by the Lazarus group – which many agencies believe to be a team of North Korean hackers.
This group was also linked to the late 2014 hacking incident at Sony Pictures, following the premiere of its controversial film “The Interview.”
However, as it is quite common for hackers to lift complete lines of code from older programs to make new malware, the affected software firms feel it is too soon to fix responsibility for the large-scale attack.
“WannaCry” works by limiting or denying access to computers or files to users until they pay a ransom in virtual currency Bitcoin.
The attack has affected over 200,000 computers across 150 countries since Friday last week, and China has already reported a variant of the virus that restricts access to the infected system to a greater extent.