How machine translations were used for evil

Recently you might have heard all over the news channels the reports of the National Health Service (NHS) being ‘cyberattacked’ by hackers using ransomware to try and get payments. Parts of the NHS were affected during the initial outbreak of the ransomware called WannaCry, or as it is also sometimes referred to as WanaCrypt0r 2.0, WannaCry and WCry. It was not just the NHS systems that were infected; the massive shipping company FedEx Corp, German railway operator Deutsche Bahn, Spanish telecommunications company Telefonica, Nissan, and Hitachi were amongst the high profile companies to be hit by the attack. The list goes on as around 300,000 more computers in 150 countries were also infected, with Russia being the worst hit.

The ransomware has come about when hackers stole a hacking tool called ‘Eternal Blue’ which was developed by American military organisation the National Security Agency (NSA) to gain access to all computers operating with Microsoft Windows in order to stop criminal activities such as terrorism. Although it is not known for sure who is responsible for the WannaCry with most people strongly linking it to a group of hackers from North Korea. But security firm Flashpoint have suggested after linguistic analysis that it may have emerged from Southern China through the help of machine translations services.

On their blog post, Flashpoint say that after analysing the ransom note sent to victims demanding payment, the person who wrote the note was “native or at least fluent” in Chinese. They also go on to say that after looking at all of the 28 notes sent in different languages only 3 out of the 28 were actually written by a human; the English, Chinese Simplified and traditional version; with the remaining 25 being translated from English with the help of fast translation software Google Translate.

The way in which WannaCry works is often through a technique known as ‘phishing’ where an email is sent out fooling people into opening the attachments which contain malware, once opened it spreads onto your computer locking your files and encrypting them and the message or ‘ransom note’ appears demanding $300-600 payment through bitcoin in order to re-access your files. If not paid after a few days WannaCry threatens to delete your files. Although some experts have urged against paying as it is believed there is no guarantee once paid and such a big financial translation could see more attacks like this occurring.