Cybersecurity Experts Suggest North Korea Carried out WannaCry

Cybersecurity Experts Suggest North Korea Carried out WannaCry

The cybersecurity arm of British intelligence services has reportedly suggested the global ransomware attack was launched from North Korea.

  • Jun 19, 2017

Just last month a nasty ransomware attack by the name of WannaCry locked down the data on computers in nearly every continent across the globe. Now, cybersecurity researchers are getting to the bottom of where the attack was launched from.

British security services believe the attack was launched from North Korea, sources familiar with the matter have said. The WannaCry ransomware outbreak – powered by a leaked NSA exploit – took down Windows computers around the world, infecting over 300,000 PCs and crippling systems across the Americas, Europe, Russia and China.

The UK’s National Health Service was hit particularly badly by the attack, with hospitals and doctor’s surgeries knocked offline. Some services were not restored until days after the initial attack.

Now an investigation led by the National Cyber Security Centre has pointed to North Korean hacking operation, the Lazarus Group, as the source of the attack. While cybersecurity firms had previously suggested the WannaCry attack could have been mounted from North Korea, they could not confirm or deny the accusation at the time.

The role of the North Korean leadership in the WannaCry outbreak isn't known, but security services have suggested that those behind the attack may not have expected the ransomware to spread so quickly. Mistakes in the code point to the possibility that the authors didn't know what they were getting themselves in to.

The suggestion by British security services that WannaCry was launched by North Korea comes shortly after reports that US intelligence officials at the NSA have also linked the cyberattack to the country. The assessment was based on an analysis of tactics, techniques and targets, which has led to "moderate confidence" that North Korean intelligence was behind the attack.


Featured

  • Ransomware Attacks Rise for the First Time in Six Months

    Ransomware attacks have risen for the first time in six months, increasing by 28% month-on-month to 421 attacks. While overall attack volume remained below 500, the uptick may signal a renewed escalation heading into the year’s most active period for cyber criminals. Read Now

  • Report: 47 Percent of Security Service Providers Are Not Yet Using AI or Automation Tools

    Trackforce, a provider of security workforce management platforms, today announced the launch of its 2025 Physical Security Operations Benchmark Report, an industry-first study that benchmarks both private security service providers and corporate security teams side by side. Based on a survey of over 300 security professionals across the globe, the report provides a comprehensive look at the state of physical security operations. Read Now

    • Guard Services

  • Identity Governance at the Crossroads of Complexity and Scale

    Modern enterprises are grappling with an increasing number of identities, both human and machine, across an ever-growing number of systems. They must also deal with increased operational demands, including faster onboarding, more scalable models, and tighter security enforcement. Navigating these ever-growing challenges with speed and accuracy requires a new approach to identity governance that is built for the future enterprise. Read Now

  • Eagle Eye Networks Launches AI Camera Gun Detection

    Eagle Eye Networks, a provider of cloud video surveillance, recently introduced Eagle Eye Gun Detection, a new layer of protection for schools and businesses that works with existing security cameras and infrastructure. Eagle Eye Networks is the first to build gun detection into its platform. Read Now

  • Report: AI is Supercharging Old-School Cybercriminal Tactics

    AI isn’t just transforming how we work. It’s reshaping how cybercriminals attack, with threat actors exploiting AI to mass produce malicious code loaders, steal browser credentials and accelerate cloud attacks, according to a new report from Elastic. Read Now

Most   Popular

New Products

  • Automatic Systems V07

    Automatic Systems V07

    Automatic Systems, an industry-leading manufacturer of pedestrian and vehicle secure entrance control access systems, is pleased to announce the release of its groundbreaking V07 software. The V07 software update is designed specifically to address cybersecurity concerns and will ensure the integrity and confidentiality of Automatic Systems applications. With the new V07 software, updates will be delivered by means of an encrypted file.

  • Unified VMS

    AxxonSoft introduces version 2.0 of the Axxon One VMS. The new release features integrations with various physical security systems, making Axxon One a unified VMS. Other enhancements include new AI video analytics and intelligent search functions, hardened cybersecurity, usability and performance improvements, and expanded cloud capabilities

  • PE80 Series

    PE80 Series by SARGENT / ED4000/PED5000 Series by Corbin Russwin

    ASSA ABLOY, a global leader in access solutions, has announced the launch of two next generation exit devices from long-standing leaders in the premium exit device market: the PE80 Series by SARGENT and the PED4000/PED5000 Series by Corbin Russwin. These new exit devices boast industry-first features that are specifically designed to provide enhanced safety, security and convenience, setting new standards for exit solutions. The SARGENT PE80 and Corbin Russwin PED4000/PED5000 Series exit devices are engineered to meet the ever-evolving needs of modern buildings. Featuring the high strength, security and durability that ASSA ABLOY is known for, the new exit devices deliver several innovative, industry-first features in addition to elegant design finishes for every opening.