The world was left reeling in the wake of the massive WannaCry ransomware attacks last month, which affected numerous organisations and businesses in over 150 countries. As authorities, as well as security experts across the world continue to investigate the cause of the attacks, evidence continues to mount against North Korea, which some experts believe was behind the global attacks. The NSA has also reportedly linked the reclusive nation to the widespread ransomware attacks.
The American spy agency reportedly believes that the attacks were an attempt by North Korean hackers to generate revenue through Bitcoins. According to unspecified sources familiar with the matter, the NSA has "moderate confidence" in its analysis, which links the attacks to the North Korean spy agency – the Reconnaissance General Bureau (RGB), the Washington Post reported.
According to an internal, unreleased NSA report, "cyber actors" suspected to be "sponsored" by the RGB were behind two different versions of the WannaCry worm, which was developed by hackers on leaked NSA hacking tools, particularly the EternalBlue exploit, which was publicly released by the Shadow Brokers. The NSA analysis of the attack also found evidence of the WannaCry attackers using IP addresses in China which have previously been tied to the RGB.
The NSA is yet to officially comment on the matter.
The NSA is not alone in pointing fingers at North Korea. Security experts from Symantec and Kaspersky Labs have uncovered evidence that they said ties the Kim Jong-un-led reclusive nation to the WannaCry attacks.
However, Pyongyang has dismissed claims linking it to the ransomware attacks, deeming such allegations as "ridiculous".
North Korea has recently been blamed for a series of global cyberattacks, including bank hacks as well as cyberespionage campaigns. The country was also suspected to be involved in a targeted attack against experts at the UN monitoring violations of sanctions against North Korea. The country is known to have an army of cyber warriors who go after various targets across the world. Some experts also believe that North Korea's cybercriminal activities are aimed at helping Pyongyang generate revenue as it keeps being slapped with crippling economic sanctions by the international community.
The US government also issued a warning on North Korea's Lazarus Group. The hacker group has previously been blamed for the Sony hack as well as a slew of other cyberattacks against global targets. These attacks indicate that despite some experts' claims of North Korean hackers not being in the same league as other cyberespionage groups, in terms of sophistication and attack vectors, the country is still a very real threat in cyberspace.