AMSTERDAM - Where security experts are concerned about a next ransomware attack, the hunt for WannaCrypt's creators is in full swing. According to security experts, it is best to find the cornerstone of organized crime.
In the Financial Times, John Bambenek of Fidelis says that the perpetrators are to be found. 'They have put themselves on the radar at all detection services. If I can take a guess, I'll take care of organized crime, 'said Bambenek. Other security experts also think in that corner. The involvement of a government in the distribution of ransomware seems to be excluded. Malware has made victims worldwide and the calamized 'suspects' like Russia and China are as hard hit as the United States and a large number of countries in Europe.
Detecting perpetrators is, according to experts, no sinecure. The already paid ransom, a few tens of thousands of euros, has been handled through bitcoin and thus virtually decomposable. The main servers used in the distribution of WannaCrypt are also difficult to detect because Internet traffic has been launched through the anonymous Tor network.
It is now clear that the perpetrators used a leak in Windows that was uncovered by the US intelligence service NSA. Windowsmaker Microsoft has poached the gap, but is angry at the NSA because the service would have been too long over the weakness in Windows. Malicious people have been able to make use of the leak because the information that the NSA had recently spread through the whistleblower WikiLeaks. The NSA had developed software that could exploit the leak. That software has now been misused by malware distributors.
Russian President Vladimir Putin told the Russian State Broadcaster RT that fire intelligence services by developing viruses themselves and broadcasting software holes. According to him, those tools like a boomerang can work. He calls Washington to dialogue on cyber security.