Suspicion that the Wannacry ransomware is from North Korea has deepened further as the British security services’ cybersecurity team traced the worm to a group called the Lazarus Group, the people behind the 2014 Sony hack.
According to ZDNet, National Cyber Security Centre (NCSC) probed last month’s devastating hack as well as suspicions that the attackers were from North Korea. The outlet’s insiders, who claim to have knowledge on the matter, reportedly revealed that the hacking operation was indeed from the Asian country.
Based on the report, the British intelligence agency neither confirmed nor denied the report. However, suspicion that the North Korean government had a hand in the matter has already been raised based on a report from the Washington Post.
According to the outlet, a source from the U.S. National Security Agency (NSA) revealed that they have traced the worm that affected over 300,000 people in about 150 countries to the country’s spy agency, the Reconnaissance General Bureau.
Citing an assessment that was released only within NSA’s walls, the report revealed with “moderate confidence” that the Wannacry ransomware was suspected to be “sponsored by” the NorKor spy agency.
Now, it seems like someone from inside the British intelligence is echoing the suspicion and pinpointed a specific group that created the worm that has victimized U.K.’s National Health Service (NHS), the first high-profile victim in the country to report such an attack.
“A number of NHS organisations have reported to NHS Digital that they have been affected by a ransomware attack. The investigation is at an early stage but we believe the malware variant is Wanna Decryptor,” a statement from the agency reads, as quoted by ZDNet.
Others infected by the ransomware in the United Kingdom, which was previously dubbed as “WannaCryptOr,” include Fedex, Renault, Telefonica, and many others.
Prior to last month’s Wannacry ransomware outbreak, the Lazarus group had also preyed on Sony Pictures in 2014, which was believed to be an attempt to stop the satirical movie The Interview from getting released. The film was said to be an attempt at making fun of North Korean leader Kim Jong Un, causing BGR to draw the link between the Sony Pictures hack and the recent Wannacry attack.
According to Fotinet.com, ransomware like Wannacry works like a kidnapper: it locks up files and systems in a computer or network until the victim pays the ransom.
The website dubbed the Wannacry ransomware to be “particularly dangerous” because it exploits a Microsoft Windows vulnerable aspect, it spreads itself like a virus through a compromised computer, and its malicious code is modular which allows the attacker to change to avoid identification.
[Featured Image by Zephyr18/iStock]