THE NATIONAL CYBER SECURITY CENTRE (NCSC) has blamed North Korea's Lazurus Group for the WannaCry ransomware attack that whacked as many as 20 per cent of NHS trusts in the UK.
According to the BBC, NCSC conducted its own investigation in the aftermath of the attacks, which including examining code taken from infected computers and comparing it with samples from previous attacks. The analysis strongly pointed to Lazarus Group, the report claims, which has previously been linked to the North Korean government.
It's not the first analysis to point the likely finger of blame at North Korea.
According to BAE Systems' Adrian Nish, the code seen in WannaCry is congruent with code seen in attacks previously linked to Lazarus. Symantec has also linked the outbreak with North Korea.
However, an analysis of the ransom notes used by WannaCry conducted by Flashpoint suggested native Chinese speakers, although close links between North Korea and China might not necessarily rule out a North Korean connection based on that evidence.
Lazarus has been linked with a string of cyber attacks around the world, including the attack in November 2014 on Sony Pictures Entertainment, which coincided with the release of a film, The Interview, about an assassination attempt on North Korea leader Kim Jong-un.
Russian security software and services company Group-IB claims to have traced the group to a specific district of the North Korean capital Pyongyang, claiming that it is controlled out of the Bureau 121 government agency, which has engaged in various money-raising criminal acts for years, including counterfeiting and drug smuggling, as well as cyber attacks and fraud.
The North Korean state is also alleged to employ an ‘army of trolls' numbering tens of thousands of staff whose purpose is to spread propaganda, hack websites and attack neighbouring South Korea in online posts.
Symantec has linked Lazarus with attacks going back to at least 2009, citing similarities in the malware code and attack techniques used.
However, James Scott, a senior fellow at the Institute for Critical Infrastructure Technology, criticised Symantec's report and suggested that it was premature to definitively point the finger of blame for WannaCry at North Korea.
Justine Greening and Greg Clark among those affected
A whole new take on 'cord-cutters'
Surely everyone can get a long?
Report also points to an ARM coprocessor for Touch ID