China on WannaCry: It wasn't us, honest

[CrAKeN]

 

WannaCry caused chaos across the globe.

 

Chinese security firms have hit out at 'false' suggestions that the ransomware outbreak originated from the People's Republic.

 

Chinese security firms have hit out against suggestions that last month's global WannaCry ransomware outbreak can be blamed on China.

 

The WannaCry ransomware epidemic hit over 300,000 PCs around the globe, using worm-like capabilities to spread and infect Microsoft Windows machines -- including many in China. While nobody has uncovered evidence to specifically identify the perpetrators, there are several theories as who might be behind the attack.

 

One hypothesis, offered by researchers Flashpoint following linguistic analysis of the WannaCry ransom note, is that it's the work of a native or highly fluent Chinese speaker who used machine translation to convert the original note into other languages.

 

But Chinese security firm Qihoo 360 has dismissed the claims and questioned the attempt to attribute the attacks by analysing the ransom note text.

 

"The correct and professional way is to trace the ransomware through the traits of the code," said Zheng Wenbin, chief security engineer at Qihoo 360, speaking to Chinese state-run media Xinhua.

 

"Hackers often add characters from different languages into their code to confuse the public and hide their identity," Zheng added. Flashpoint's researchers didn't dismiss this in their report, and acknowledged that misdirection on behalf of the attackers could be in play.

 

Li Bosong, deputy chief engineer at another Chinese security firm, Antiy Labs, also criticised claims that China is behind WannaCry, dismissing reports as lacking 'substantial evidence' and claiming that cybersecurity researchers -- be they Chinese or otherwise -- will 'easily' see the 'falsity' of the claims that it emerged from China.

 

Lazarus redux?

Meanwhile, some security firms have linked the cyberattack to the notorious Lazarus Group, a hacking operation connected to a number of high-profile cyberattacks in recent years, including the $80m Bangladeshi cyber bank heist.

 

Researchers at Symantec have tentatively cited similarities between code used in Lazarus campaigns and the code behind WannaCry, potentially pointing to the two sharing an author. Lazarus is suspected of working on behalf of North Korea, although there are suggestions that the group operates out of China.

 

However, China was one of the countries hit hardest by the attack, with with 29,000 organisations in total falling victim to the ransomware -- including Chinese government bodies for transport, industry, social security and immigration.

 

While WannaCry caused chaos across the globe, the ransomware hasn't been particularly lucrative for its creators: almost a month on from the outbreak, the ransomware has banked just under $150,000.

 

The figure represents a poor return for such a widespread campaign, especially when you consider how the value of the Bitcoin wallets are on the rise due to a recent surge in the cryptocurrency's valuation.

 

Source

[ck_kent]

It could be from any country as well, considering Chinese is most spoken language.

 

Can't wait for Mr. Robot.  I wonder if or how they're going to incorporate this in their show.

[straycat19]

Those who are guilty always scream the loudest.  Guilty as charged based upon previous bad actions as the source of more malware and hacks than any other nation.

[pc71520]

13 hours ago, CrAKeN said:

Lazarus is suspected of working on behalf of North Korea,

although there are suggestions that the group operates out of China.

Still no proof...

[tao]

38 minutes ago, pc71520 said:

Still no proof...

proof

deceptive

deed-done

poof. 

 

[steven36]

 

Quote

 

Greater China cyber insurance demand to soar after WannaCry attack: AIG

 

HONG KONG (Reuters) - Demand for cyber insurance from firms in Greater China and elsewhere in Asia is poised to soar, based on enquiries received after the "WannaCry ransomware" attack earlier this year, executives at American International Group Inc (AIG.N) said.

The U.S. insurer saw an 87 percent jump in enquiries for cyber insurance policies in May compared to April for Greater China, including Hong Kong, as a direct result of the WannaCry attack, while the global increase was 38 percent, they said.

"The big increase means the organizations are aware they really need protection," said Cynthia Sze, head of an AIG business in Greater China, which sells products to companies dealing with cyber breaches. AIG executives declined to give details on numbers or say how many of the enquiries actually resulted in policy sales.

The self-replicating WannaCry malware in May infected over 200,000 computers in 150 countries.

A typical cyber insurance policy can protect companies against extortion like ransomware attacks. It could also cover the investigation costs and pay the ransom.

In Hong Kong, which is dominated by small and medium sized enterprises, the impact of a cyber attack could be severe as cyber threats are not a priority given the limited resources of SMEs, Sze said.

Citing Hong Kong police statistics, Sze said computer security incident reports have risen to about 6,000 last year from 1,500 in 2009. Financial losses resulting from such incidents jumped from HK$45 million ($5.76 million) to HK$2.3 billion over the same period, she said.

A spokeswoman for Hong Kong police confirmed the numbers in an emailed statement to Reuters.

"WannaCry has really changed the dynamics. We used to tap large multinational companies that understood where the exposure was. Now we are really talking about mid-market and SMEs," said Jason Kelly, AIG's head of liabilities and financial lines for Greater China, Australasia and South Korea.

The global cyber insurance market is worth $2 billion, with 30 percent of middle to large firms purchasing cyber insurance protection, according to AIG. The insurer has also seen an average annual growth rate of 20 to 25 percent in cyber insurance policies over the past three years worldwide, Kelly said.

According to Kelly, the annual damage from hackers to the global economy reached about $400 billion in 2015.

 

https://www.reuters.com/article/us-aig-china-cyber-idUSKBN1AP12E