The Washington Times, May 23, 2017 – The hacking group widely blamed for breaching Sony Pictures in 2014 was “highly likely” behind the unprecedented WannaCry ransomware attack responsible for crippling computer systems around the world this month, a leading American cybersecurity firm said Monday.
An analysis of the recent “WannaCry” ransomware attack has uncovered “strong links” connecting its perpetrators with previous activity attributed to the so-called Lazarus Group, a cybercrime outfit accused of conducting the colossal Sony hack and other high-profile intrusions, according to Symantec, a Silicon Valley-based security company.
Symantec’s Security Response Team has uncovered “substantial commonalities in the tools, techniques and infrastructure used by the attackers and those seen in previous Lazarus attacks, making it highly likely that Lazarus was behind the spread of WannaCry,” it said in a Monday blog post.
Considered alongside earlier research, the latest findings further support the notion that WannaCry was unleashed by North Korean hackers: The FBI officially blamed the North Korea government in 2014 with hacking Sony, while private security researchers have largely linked that attack to the Lazarus Group, a likely state-sponsored organization with previously established ties to Pyongyang.
Symantec and Russian-based competitor Kaspersky Labs first acknowledged finding ties last week between WannaCry and the Lazarus Group, but admitted their evidence wasn’t enough to implicate any specific actor.
And While Symantec declined to pinpoint WannaCry to any nation-state in its follow-up report Monday, an analyst at FireEye, another California-based security firm, told Bloomberg that its research suggests some sort of connection exists between the ransomware attack and North Korea.