Cyberattack
Bossert said Monday that WannaCry was not a tool developed by the NSA for ransom data, but he did not address if the vulnerability was based on stolen NSA cyber tools.
The U.S. has had run-ins with North Korea’s hackers before. In 2014, the United States charged North Korea with attacking computers at Sony in retaliation for the creation of a comedy titled “The Interview” that was about a CIA plot to kill North Korean leader Kim Jong Un.
Researchers warned that despite the findings, it could it could be months before any definitive link can be proven.
“At this time, all we have is a temporal link,” Symantec investigator Eric Chien told The New York Times. “We want to see more coding similarities ... to give us more confidence.’’
In the WannaCry attack, which started Friday, the attackers have demanded $300 per computer in payments to unlock infected computers, a scheme that paralyzed computers at U.K. hospitals, a Spanish telephone company and European car factories. But payouts so far have yet to top $100,000, according to firms tracking the attackers’ bitcoin accounts. Could there be another reason? Security researcher Matthieu Suiche, of Comae Technologies in the United Arab Emirates, said the hackers may be sending a message in some of the code that’s showing up, suggesting their purpose is to stir political mayhem.