NSA ties North Korea to WannaCry attacks: 5 things to know

The National Security Agency linked the North Korean government to WannaCry, the ransomware that infected more than 300,000 devices in more than 150 countries in May, the Washington Post reports.

Here are five things to know.

1. The NSA issued an internal assessment into the WannaCry attacks last week, however, the agency has not made the report public. The assessment is based on an analysis of tactics, techniques and targets used by the ransomware, an individual familiar with the matter reportedly told the Washington Post.

2. The assessment links WannaCry to North Korea's spy agency, the Reconnaissance General Bureau, with "moderate confidence," the individual said. Although the link is not conclusive, there is a preponderance of evidence pointing to North Korea, according to the Washington Post.

3. The assessment states the cyberactors reportedly behind two versions of WannaCry were sponsored by the Reconnaissance General Bureau. Specifically, the report names "the Lazarus Group" as hackers behind the attack — the same group widely blamed for the Sony Pictures hack in 2014, prior to the release of The Interview, according to the LA Times.

4. The assessment suggested WannaCry was an attempt to accumulate revenue for the North Korean regime, the Washington Post reports. However, although the hackers raised $140,000 in bitcoin, they have yet to cash in the digital currency. Analysts hypothesized the ransomware suffered from an operational error, which made transactions too easy to track by law enforcement.

5. The NSA declined to comment to the Washington Post.

More articles on health IT:

Iowa critical access hospital struck with ransomware

Startup Insider: 4 questions with Kyruus CEO Dr. Graham Gardner

UCHealth forms new lab to create innovative healthcare technologies

Copyright © 2023 Becker's Healthcare. All Rights Reserved. Privacy Policy. Cookie Policy. Linking and Reprinting Policy.


Featured Whitepapers

Featured Webinars