A report from ZDNet cites sources inside the British National Cyber Security Centre, who claim that North Korea was behind the recent WannaCry ransomware attack that hit millions of users worldwide.
The ransomware software spread like wildfire between infected Windows machines, and hit the UK particularly hard. A number of hospitals and regional health services were taken offline by the attack, and some officials have suggested that the attack was directly responsible for a number of deaths as a result.
ZDNet‘s report claims that the NCSC investigation has linked the attack to the Lazarus Group, a group of hackers believed to be behind a series of previous attacks. In particular, the Lazarus Group is generally believed to be behind the 2014 hack of Sony Pictures, which was broadly seen as an attempt to ruin the release of The Interview, a satirical movie that made fun of North Korean leader Kim Jong-un.
The links to North Korea seem tenuous and circumstantial, at least from the information contained in reports. Hacking attacks are difficult to link to any one country, so the methodology for investigating generally relies on an analysis of techniques, tactics, and the language of the code’s authors. In this case, reports have suggested that the hackers speak fluent Chinese but not as a first language.