Could North Korea be the brains behind WannaCry ?
Research conducted by one of Google’s security experts – Neel Mehta – has thrown up a possible connection between the Lazarus hacker group and the WannaCry ransomware that has been wrecking havoc across the globe.
Alan Woodward, a UK based cyber security professor, has made this claim based on the research made public by the aforementioned security expert. The link is a similarity in the code used by the Lazarus group in earlier attacks targeted towards Sony and the country of Bangladesh. The claim has also been accepted by Kaspersky – another security firm based in Russia. The North Korean angle however, comes from an accepted belief that the Lazarus group – though based in China – works at the behest of the North Korean government.
9c7c7149387a1c79679a87dd1ba755bc @ 0x402560, 0x40F598
ac21c8ad899727137c4b94458d7aa8d8 @ 0x10004ba0, 0x10012AA4#WannaCryptAttribution
— Neel Mehta (@neelmehta) May 15, 2017
However, before we jump to conclusions, we must note that these are only rumors so far. There is no concrete evidence to pin this attack on the North Koreans or even the Lazarus group. Similarity of code is not evidence, its just a similarity. The fact that China itself has been affected by WannaCry, raises even further questions to the claim. For anyone not following world politics, China is North Korea’s only ally. Considering the hostility the North Koreans face from the international community, its highly unlikely they would bite the hand that feeds them.
This news also comes in the wakes by comments by Microsoft’s President and Chief Legal Officer implicating government agencies – the NSA in particular – of maintaining an inventory of such cyber weaponry. After the revelations of the prism program, one wouldn’t put this out of the US government’s capabilities.