UN North Korea investigator's computer hacked: Reports

A panel of United Nations experts investigating violations of international sanctions on North Korea has been hit by a "sustained" cyber attack. The hackers managed to infiltrate a computer belonging to one of the experts on the the 1718 committee. Who exactly was responsible for the attack is not yet clear, but they are understood to have gained access to key details of the investigation.

The hackers sent a file to the experts after the attack, showing them some of the data they'd managed to make off with. "The zip file was sent with a highly personalized message which shows the hackers have very detailed insight into the panel's current investigations structure and working methods," reads an email sent by the chair of the panel to UN officials on 8 May, reports Reuters.

"As a number of 1718 committee members were targeted in a similar fashion in 2016, I am writing to you all to alert you to this heightened risk."

A separate email sent by the UN sanctions committee secretary on 10 May revealed that "an analysis" of the affected hard drive is under way.

"Increased vigilance relating to 1718 Committee-related correspondence is therefore advised until data analysis and related investigations are completed," the message reads.

Security experts believe that North Korean hackers could be behind the massive WannaCry attack that affected computer systems all over the world earlier this month. The WannaCry attack started crippling hospitals across the UK on 12 May, rendering infected computers unusable and preventing members of staff from accessing crucial patient records.

There are widespread rumors suggesting that North Korea maintains a unit of highly trained hackers capable of launching sophisticated attacks on Pyongyang's adversaries. Citing unverifiable sources among North Korean defectors, Reuters reported that North Korea's main intelligence agency has a special cyber cell called Unit 180. The secretive detachment is allegedly involved in launching high-profile cyberattacks on financial institutions in order to steal money and other assets.

Pyongyang has never acknowledged conducting such operations, however. On Friday, North Korea's deputy UN envoy said it was nonsense to link Pyongyang with the WannaCry ransomware attack. "Relating to the cyberattack, linking to the DPRK, it is ridiculous," Kim In Ryong, the deputy envoy, told a news conference, as cited by Reuters. "Whenever something strange happens, it is the stereotype way of the United States and the hostile forces that kick off noisy anti-DPRK campaign deliberately linking with DPRK," Kim said.

In April, Russia's KasperskyLab said it had traced some of the IPs used by the Lazarus Group, which is believed to be behind numerous hacking attacks on banks' SWIFT servers, back to North Korea, thus establishing "a direct link" between the suspected perpetrators and the reclusive state for the first time. However, KasperskyLab experts fell short of naming North Korea an actual perpetrator, citing lack of evidence.