On Wednesday, US officials declared North Korea to have been behind May’s Wannacry ransomware attacks. North Korea reiterated their denial, but perhaps even more meaningful were statements from independent researchers.
US officials claim there is “proof,” but researchers say that the case is extremely flimsy, resting on common code snippets which don’t in any way prove common origins, and the server’s use of a North Korean IP address for an apparently unused connection.
The IP address, however, could be any number of things, either an attempt by the attackers to frame North Korea to bring the attention away from themselves, or perhaps even a sign that a North Korean official got infected by the ransomware too and was trying to track it down.
North Korean officials have insisted they have nothing to do with any cyberattacks, and that they don’t deny every single allegation made against them because there are simply too many to keep track of.
