Friday’s ransomware outbreak, which used recently revealed weaknesses in Microsoft’s Windows operating system to spread further and faster than any before, has prompted the Redmond-based developer to break its own rules on software maintenance in an effort to keep users safe.
The ransomware, also known as “WanaCrypt0r”, “WeCry”, “WanaCrypt” or “WeCrypt0r”, used a vulnerability in a Windows Server component to spread within corporate networks. The weakness was first revealed to the world as part of a massive dump of software vulnerabilities discovered by the NSA and then stolen by a group of hackers calling themselves “Shadow Brokers”.
“We believe it’s important that other researchers around the world investigate these similarities and attempt to discover more facts about the origin of WannaCry,” the company added.
“Looking back to the Bangladesh attack, in the early days, there were very few facts linking them to the Lazarus Group.
“In time, more evidence appeared and allowed us, and others, to link them together with high confidence. Further research can be crucial to connecting the dots.”
Attributing cyber-attacks can be notoriously difficult – often relying on consensus rather than confirmation.