Skip to main content

WannaCry is North Korean, security researchers say

(Image credit: Image Credit: JMiks / Shutterstock)

Nearly a month after it struck devices around the globe, new information has emerged surrounding the major WannaCry ransomware attack.

The BBC says British officials from the National Cyber Security Centre (NCSC) are now claiming infamous North Korean cyber-criminal group Lazarus was behind the attack. 

However the NHS, which was 'particularly badly hit', wasn't a target at all. Instead, the BBC says the attack on the NHS might be a 'money-making scheme that got out of control'.

The conclusion is drawn from the fact that the money extorted from the attack is yet to be retrieved by the attackers. The group behind the attack – Lazarus, is the same group that organised the attacks on Sony prior to the release of the movie The Interview. 

The Interview was a comedy starring Seth Rogen, in which two journalists are plotting to assassinate the North Korean leader.

The BBC also claims that even though the group itself is based in North Korea, "the exact role of the leadership in Pyongyang in ordering the attack is less clear.”

Adrian Nish from BAE security, says there are some overlaps with previous Lazarus’ code:

"It seems to tie back to the same code-base and the same authors," Nish says. "The code-overlaps are significant."

WannaCry is a ransomware which attacked many public and private sector companies in May 2017. It is being perceived as one of the biggest ransomware fallouts to date.

Image Credit: JMiks / Shutterstock