Claims of North Korea Links to Cyber Attack ‘Well Short of Proof’

WannaCry Had Some Code in Common With Past Attacks

Researchers investigating last week’s cyber attacks involving the WannaCry ransomware say that early versions of the software had some code in common with past attacks by the “Lazarus Group,” which some officials have accused of being North Korean hackers.

The Lazarus Group was behind a handful of past attacks, most notably the Sony hacking incident of 2014, which officials attributed to North Korea primarily because it came around the release of the movie The Interview, which involved a plot to kill North Korea’s leader.

The researchers who noted the similar code conceded that copying snippets of code between hacker groups is not uncommon, and that this was “well short of proof” of an actual relationship between the two. Indeed, most of the WannaCry code was a copy of exploits developed by the NSA.

The US has long favored blaming whatever nation they are at odds with at any given time for any high-profile cyber attack, which in the past has left puzzling situations where the US accuses Russia or China of hacking something they had no plausible reason to hack in the first place. While North Korea doesn’t have a clear motive for bringing down phones in Spain or Britain’s health care system, US officials are continuing to talk this up.

Author: Jason Ditz

Jason Ditz is Senior Editor for He has 20 years of experience in foreign policy research and his work has appeared in The American Conservative, Responsible Statecraft, Forbes, Toronto Star, Minneapolis Star-Tribune, Providence Journal, Washington Times, and the Detroit Free Press.