The United States' National Security Agency (NSA) has linked North Korea to the ransomware attack that affected more than 300,000 people across the world in May. The attack hit 150 countries using the WannaCry computer worm.
The assessment by the NSA points with "moderate confidence" to North Korea as the perpetrators of the attack, the Washington Post reported. The security agency analyzed past tactics, techniques, and targets that suggest the Reconnaissance General Bureau, North Korea's spy agency, was behind the attack.
The NSA assessment, carried out last week but only made public this morning, stated that "cyber actors" were allegedly sponsored by the Reconnaissance General Bureau, the Washington Post reported. NSA analysts say North Korea's goal was to earn money for the regime, but they seem to have garnered only $140,000 in bitcoin.
WannaCry was the first computer worm to be used alongside ransomware. It first encrypts data on victims' computers and then asks for money so people can regain access to their own computers.
According to Reuters, a hacking group called the Shadow Brokers claimed responsibility for the attack. The Shadow Brokers are a group of hackers who appeared on the scene in summer 2016. They stole NSA secrets and left them scattered around various parts of the web, publically embarrassing the agency. It's unknown who the Shadow Brokers are, but they've exposed major weaknesses in companies including Microsoft and Cisco.
However, the NSA believe evidence points towards a group called Lazarus, and which in turn can be linked to Pyongyang. They have come to this decision by looking at the range of protocol addresses in China which have traditionally been used by the RGB, and according to the Washington Post, the NSA's assessment matches intelligence gathered by other Western agencies.
Experts believed North Korea was also behind a virtual bank heist in Bangladesh last year, in which the attackers made off with over $80 million.
