The month of May saw the WannaCry ransomware attacks hit over 200,000 systems in 150 countries. WannaCry managed to take control over one s system and demanded ransom between $300 and $600 in Bitcoin for their encrypted files. Post the attack, a researcher at Google shared data relating the WannaCry attack to North Korea s Lazarus Group to which the Kaspersky Lab agreed the same. Now Britain s National Cyber Security Centre (NCSC) reportedly points to the Lazarus Group behind the WannaCry attack as well.
Britain was one of the earliest and most affected by the WannaCry attack as it led to affecting the National Health Service. This disrupted many services in hospitals as they had to shut their systems off and use pen and paper to resume their work. The BBC reports that an international investigation was conducted by the NCSC and puts the Lazarus Group behind the WannaCry attack. The NCSC is said to have begun its investigation post the attack and has also finished their assessment few weeks back. The NCSC hasn t officially announced their findings, and this information comes from the BBC s sources.
The notorious Lazarus Group is believed to be operating from North Korea and has so far caused three major attacks. The first was on the South Korean government in Seoul, followed by the attack on Sony Pictures and the 2016 attack on the Bangladesh Bank. Neel Mehta had first revealed the similarity between the codes used in WannaCry to that of the previous ones used by the Lazarus Group. More security companies like Kaspersky Lab and Symantec conducted deeper research revealing the same. ALSO READ: WannaCry ransomware highly likely to be the work of North Korea s Lazarus Group: Symantec
The report further states that Adrian Nish, head of the cyber intelligence team at BAE Systems also discovered overlaps with the WannaCry attack and previous codes created by the Lazarus Group. The National Security Agency has also linked the WannaCry attack with North Korea s Lazarus Group. But the NCSC is believed to have conducted a deeper investigation thereby putting more stress on the fact that Lazarus is indeed behind the attack. Moreover, there haven t been evidence discovered pointing to different hackers. With many notable organizations pointing fingers to the Lazarus Group, it may seem highly likely that they are behind the global attack, but nothing can be confirmed for sure. ALSO READ: WannaCry ransomware attack: Microsoft Windows 7 most affected OS, XP count insignificant says Kaspersky