US blames North Korea for WannaCry ransomware attacks

On Tuesday the United States of America accused North Korea of responsibility for a global ransomware attack which locked down more than 300,000 computers in 150 countries earlier this year.

The U.S. now has enough evidence to support its assertion that Pyongyang (Capital city of North Korea), was behind the WannaCry attack. The Deputy National Security Advisor for Homeland Security and Counterterrorism, Tom Bossert told the reporters at a White House press conference. Us might have evidence to support its accusation but it hasn't released anything to the public, which could create problems.

Speculation has connected North Korea with WannaCry ransomware attack since June when the NSA (National Security Agency) said it believed Pyongyang was behind the attack. The British government reached the same conclusion in October, and the CIA agreed to it in November.

However, there is evidence that indicates North Korea had launched the ransomware virus but the fact is that the evidence isn't definitive and maintained, James Scott, a senior fellow at the Institute for Critical Infrastructure Technology.

The Lazarus connection

There is a strong indicator of North Korea's involvement with WannaCry is the malware's connection to the Lazarus Group. The Lazarus Group is a cybercrime group which has been tied to Pyongyang, observed by, a threat engineer at AlienVault.

Symantec Corporation, an American software company wrote  on their web "Tools and infrastructure used in the WannaCry ransomware attacks have strong links to Lazarus, the group that was responsible for the destructive attacks on Sony Pictures and the theft of US $81 million from the Bangladesh Central Bank."

The above is the summary of links that helped the Symantec Corporation to conclude that the WannaCry ransomware attack was triggered by or has some connection with North Korea.