Cybersecurity Experts Suggest North Korea Carried out WannaCry

Cybersecurity Experts Suggest North Korea Carried out WannaCry

The cybersecurity arm of British intelligence services has reportedly suggested the global ransomware attack was launched from North Korea.

  • Jun 19, 2017

Just last month a nasty ransomware attack by the name of WannaCry locked down the data on computers in nearly every continent across the globe. Now, cybersecurity researchers are getting to the bottom of where the attack was launched from.

British security services believe the attack was launched from North Korea, sources familiar with the matter have said. The WannaCry ransomware outbreak – powered by a leaked NSA exploit – took down Windows computers around the world, infecting over 300,000 PCs and crippling systems across the Americas, Europe, Russia and China.

The UK’s National Health Service was hit particularly badly by the attack, with hospitals and doctor’s surgeries knocked offline. Some services were not restored until days after the initial attack.

Now an investigation led by the National Cyber Security Centre has pointed to North Korean hacking operation, the Lazarus Group, as the source of the attack. While cybersecurity firms had previously suggested the WannaCry attack could have been mounted from North Korea, they could not confirm or deny the accusation at the time.

The role of the North Korean leadership in the WannaCry outbreak isn't known, but security services have suggested that those behind the attack may not have expected the ransomware to spread so quickly. Mistakes in the code point to the possibility that the authors didn't know what they were getting themselves in to.

The suggestion by British security services that WannaCry was launched by North Korea comes shortly after reports that US intelligence officials at the NSA have also linked the cyberattack to the country. The assessment was based on an analysis of tactics, techniques and targets, which has led to "moderate confidence" that North Korean intelligence was behind the attack.


Featured

  • Report: 47 Percent of Security Service Providers Are Not Yet Using AI or Automation Tools

    Trackforce, a provider of security workforce management platforms, today announced the launch of its 2025 Physical Security Operations Benchmark Report, an industry-first study that benchmarks both private security service providers and corporate security teams side by side. Based on a survey of over 300 security professionals across the globe, the report provides a comprehensive look at the state of physical security operations. Read Now

    • Guard Services

  • Identity Governance at the Crossroads of Complexity and Scale

    Modern enterprises are grappling with an increasing number of identities, both human and machine, across an ever-growing number of systems. They must also deal with increased operational demands, including faster onboarding, more scalable models, and tighter security enforcement. Navigating these ever-growing challenges with speed and accuracy requires a new approach to identity governance that is built for the future enterprise. Read Now

  • Eagle Eye Networks Launches AI Camera Gun Detection

    Eagle Eye Networks, a provider of cloud video surveillance, recently introduced Eagle Eye Gun Detection, a new layer of protection for schools and businesses that works with existing security cameras and infrastructure. Eagle Eye Networks is the first to build gun detection into its platform. Read Now

  • Report: AI is Supercharging Old-School Cybercriminal Tactics

    AI isn’t just transforming how we work. It’s reshaping how cybercriminals attack, with threat actors exploiting AI to mass produce malicious code loaders, steal browser credentials and accelerate cloud attacks, according to a new report from Elastic. Read Now

  • Pragmatism, Productivity, and the Push for Accountability in 2025-2026

    Every year, the security industry debates whether artificial intelligence is a disruption, an enabler, or a distraction. By 2025, that conversation matured, where AI became a working dimension in physical identity and access management (PIAM) programs. Observations from 2025 highlight this turning point in AI’s role in access control and define how security leaders are being distinguished based on how they apply it. Read Now

Most   Popular

New Products

  • Camden CV-7600 High Security Card Readers

    Camden CV-7600 High Security Card Readers

    Camden Door Controls has relaunched its CV-7600 card readers in response to growing market demand for a more secure alternative to standard proximity credentials that can be easily cloned. CV-7600 readers support MIFARE DESFire EV1 & EV2 encryption technology credentials, making them virtually clone-proof and highly secure.

  • FEP GameChanger

    FEP GameChanger

    Paige Datacom Solutions Introduces Important and Innovative Cabling Products GameChanger Cable, a proven and patented solution that significantly exceeds the reach of traditional category cable will now have a FEP/FEP construction.

  • Camden CM-221 Series Switches

    Camden CM-221 Series Switches

    Camden Door Controls is pleased to announce that, in response to soaring customer demand, it has expanded its range of ValueWave™ no-touch switches to include a narrow (slimline) version with manual override. This override button is designed to provide additional assurance that the request to exit switch will open a door, even if the no-touch sensor fails to operate. This new slimline switch also features a heavy gauge stainless steel faceplate, a red/green illuminated light ring, and is IP65 rated, making it ideal for indoor or outdoor use as part of an automatic door or access control system. ValueWave™ no-touch switches are designed for easy installation and trouble-free service in high traffic applications. In addition to this narrow version, the CM-221 & CM-222 Series switches are available in a range of other models with single and double gang heavy-gauge stainless steel faceplates and include illuminated light rings.