賽門鐵克(Symantec)的最新報告稱,有“強(qiáng)有力的證據(jù)”顯示“想哭”(WannaCry)勒索軟件與朝鮮黑客組織Lazarus有關(guān)聯(lián)。
The cyber security company believes there is a “close connection” to Lazarus, the group behind the cyber attacks on Sony Pictures and the Bangladesh central bank, because of similarities in the tools, code and infrastructure used by the hackers.
這家網(wǎng)絡(luò)安全公司相信Lazarus與此事有“密切關(guān)聯(lián)”,因為黑客所用的工具、代碼和基礎(chǔ)架構(gòu)有相近之處。Lazarus曾對索尼影視(Sony Pictures)、孟加拉國央行發(fā)動過網(wǎng)絡(luò)攻擊。
But the hackers could have been moonlighting and may not have been directed by the North Korean government, Symantec said.
但賽門鐵克表示,這些黑客可能是兼職,或許并不受朝鮮政府指揮。
Vikram Thakur, technical director of Symantec Security Response, said while they had a “very high level of certainty” that the attackers were using the same tools as Lazarus, the “botched” operation leads them to believer that it was not the work of a nation state, which is usually more sophisticated.
賽門鐵克安全響應(yīng)部門技術(shù)總監(jiān)維克拉姆•塔庫爾(Vikram Thakur)表示,雖然他們“高度確定”攻擊者使用了與Lazarus相同的工具,但其“笨拙”的操作令他們相信這不是某個國家所為,國家展開的行動通常更復(fù)雜。
“There is a strong possibility that it is some member of the Lazarus group, who has either left or is still working for them, trying to make some money on the side,” he said.
他說:“很有可能是Lazarus組織的某個成員,此人要么已經(jīng)離開了該組織,要么仍為其工作,想私下賺點錢。”
“The discovery of a small number of earlier WannaCry attacks has provided compelling evidence of a link to the Lazarus group,” said the Symantec report.
賽門鐵克的報告表示:“對幾起早期‘想哭’攻擊的發(fā)掘,提供了強(qiáng)有力的證據(jù)表明與Lazarus組織有關(guān)聯(lián)。
“Similarities in code and infrastructure indicate close connection to group that was linked to Sony Pictures and Bangladesh Bank attacks.”
“代碼和基礎(chǔ)架構(gòu)上的相近之處表明,與攻擊索尼影視和孟加拉國央行的組織有密切關(guān)聯(lián)。”
If the hackers behind the attack are based in North Korea, Mr Thakur believes it was unlikely they would face international prosecution. “The chances of arresting somebody who is based in North Korea is between zero and zero,” he said.
塔庫爾認(rèn)為,“想哭”背后的黑客如果位于朝鮮,則不太可能受到國際檢控。他說:“逮捕一個位于朝鮮的人的幾率為零。”