NSA believes North Korea is behind WannaCry


Stuck with “moderate security.”

The US National Security Agency (NSA) has linked the North Korean government to WannaCry, the Washington Post.

Internal assessment
Their assessment, released internally last week and not yet published, should be based on analyzes of tactics, techniques and goals that all point to North Koreans with “moderate safety.”

It’s supposed to be the North Korean spying agency, Reconnaissance General Bureau (RGB), who was behind the crime, infecting over 200,000 computers claiming redundancies around the world last month.

Can not get hold of the money
WannaCry should have been an attempt to make money for the regime, writes the newspaper, but this should have gone wrong.

The hackers behind the worm must have earned $ 140,000 (1 190,000) in Bitcoin, but one mistake should have made this revenue public so nobody dares to touch the money.

IP addresses in China
However, the NSA’s assessment itself should not have reached a firm conclusion without saying that the evidence points to Pyongyang.

For example, they found a number of IP addresses in China that are often used by RGB, and the assessment should be in line with ratings from other Western affiliates.

The NSA also discovered an early version of the WannaCry worm in circuits in China that came from North Korea, and should have been used as a prototype on the worm itself.