Microsoft and Facebook have come together to take action against Zinc or Lazarus, the perpetrators of the infamous WannaCry attack, according to CNN. The group is synonymous with several cyber threats, which targeted hospitals, businesses and banks in May.
North Korea behind WannaCry attack
It must be noted that this news came close on the heels of the U.S. government accusing North Korea of the WannaCry attack. In a Wall Street Journal op-ed, Homeland security adviser Tom Bossert stated that North Korea is being held responsible for the attack “after careful investigation.” He mentioned that the conclusion is backed by evidence, but did not divulge any further details.
Governments of the UK, Australia, New Zealand, Canada and Japan also seemed to agree with the U.S. that North Korea is backing the WannaCry group. WannaCry attacked the enterprise networks via EternalBlue, a loophole in the Windows SMBv1 protocol. Of all the entities, U.K.’s National Health Service (NHS) was hit the hardest, leaving patients at huge risk.
Bossert noted that North Korea has been playing dirty for almost a decade and its malicious behavior is growing more disgusting.
“WannaCry was indiscriminately reckless,” he said.
In 2015, South Korea claimed that North Korea employs a 6,000-member cyber-army, who are working to disrupt South Korea’s government and military.
Bossert noted that America would continue to push North Korea to withdraw from such attacks, adding that the Trump administration is also keen to bring the private sector to the table to prevent such attacks in the future. He, however, stated that Trump had deployed every trick possible to make North Korea behave more responsibly.
“It’s nevertheless important to call them out, let them know it’s them and we know it’s them,” he said.
Further, he said that by attributing the WannaCry attack to North Korea, they want them to realize that the U.S. will move ahead to stop their behavior and work with companies such as Microsoft and Facebook.
Microsoft, Facebook targeting WannaCry group
“Among other steps, last week we helped disrupt the malware this group relies on, cleaned customers’ infected computers, disabled accounts being used to pursue cyberattacks and strengthened Windows defenses to prevent reinfection,” said Microsoft’s Chief Legal Officer Brad Smith, in a blog post.
Smith further stated that they had taken the action after consulting with several governments, but made the decision “independently.” Microsoft would share more details about its actions in the near future after digging deeper into the data and information collected.
Facebook has also performed similar actions by deleting the profiles operated by the WannaCry group. Hackers make fake profiles on Facebook to connect with the potential target. The social networking giant also contacted the people who had connected with the suspicious accounts, and informed them about improving the security of their account.
“Facebook has a long-standing commitment to security, and we continue to invest in efforts to protect people from cyber threats and keep our platform safe,” a Facebook spokesperson said in a statement, according to CNN.