Over the past few weeks, a critical question has been discussed amidst cybersecurity professionals and experts. Who would pair North Korean-linked malware with an alleged U.S. government cyber exploit leaked by the suspected Russia-affiliated Shadow Brokers to create a new variant of ransomware – a form of malware typically within the domain of cyber criminals? Sorting out the attackers’ intent further complicates this riddle. Why would an attacker infect over 300,000 computers in 150 countries, disabling operations at thousands of entities when there is relatively little monetary reward and no clear nation gaining the advantage?
Since May 12, it is estimated that the highly prolific WannaCry ransomware campaign cost victims hundreds of millions of U.S. dollars, including losses from reduced productivity, the cost of data restoration, and reputational risk. However, two weeks after deployment, it appears that the attackers had grossed less than $150,000 from victims paying the ransoms – a paltry amount for the risk they assumed and the attention they garnered from many governments globally.
“The Cipher Brief has become the most popular outlet for former intelligence officers; no media outlet is even a close second to The Cipher Brief in terms of the number of articles published by formers.” —Sept. 2018, Studies in Intelligence, Vol. 62
Access all of The Cipher Brief’s national security-focused expert insight by becoming a Cipher Brief Subscriber+ Member.
Subscriber+
