Ed Jones / Getty
show image

NSA reportedly links North Korea to WannaCry ransomware that struck the NHS

America’s National Security Agency (NSA) has linked North Korea to the WannaCry virus that paralysed parts of the NHS and thousands more organisations last month, the Washington Post has reported.

Sources at the NSA told the paper that its analysis pointed with “moderate confidence” to North Korea’s spy agency, Reconnaissance General Bureau, as the perpetrator of the attack.

The allegations come just weeks after researchers at Kaspersky and Symantec identified similarities between the malware’s code and code previously deployed by North Korea.

The NSA has now traced the origin of the malware back to IP addresses in China previously used by North Korea’s spy agency to launch cyber attacks, the Washington Post reported.

The paper also reported that the agency believes the attack could have been designed by an independent team of hackers known as the Lazarus Group on behalf of the North Korean government.

The malware seized control of victims’ computers, demanding they pay the equivalent of $300 in bitcoin to unlock their systems.

But if the hackers were motivated by the prospect of making money for the North Korean government, their efforts have failed.

An operational error has made the transaction traceable, the Washington Post reported, meaning online currency exchanges would refuse to cash the bitcoin.