Washington: Cyber security firms Symantec Corp and Kaspersky are looking into clues suggesting North Korea-linked Lazarus Group may be behind the global cyber attack, according to reports.
Around 300,000 computers across 150 countries were targeted as part of the attack.
One in five NHS trusts were hit with ransomware “WannaCry” attacks on Friday as part of a global hack.
In March, Symantec said it was highly likely Lazarus behind a recent cyber campaign targeting organisations in 31 countries. The firm revealed it has found similarities in the code of the ransomeware attack with previous hacks by the Lazarus group.
Ransomware is a technique used by hackers to extort money from people in a similar way to kidnapping, only it deals with files not people. The attackers take over the IT systems and encrypt the files, meaning users cannot access them.
They then demand payments – in this case about £230 – to free the files from this encryption so they can be used again. It is believed to be the first time ransomware has been used on such a large scale in the UK.
Security consultant Tony McDowell said Russian hackers were the likely “prime suspect” and accused them of “posturing”. NHS Digital, which is leading the health services’ response, said there was no evidence records had been accessed.