Britain said on Friday it believed North Korea was behind the “WannaCry” cyber attack in May that disrupted businesses and government services worldwide, including the National Health Service (NHS) in England.

Security Minister Ben Wallace said Britain believed “quite strongly” that the ransomware attack came from a foreign state. "North Korea was the state that we believe was involved in this worldwide attack on our systems," he told BBC radio. “We can be as sure as possible - I can’t obviously go into the detailed intelligence but it is widely believed in the community and across a number of countries that North Korea had taken this role.” 

It appears that the hackers behind the WannaCry ransomware may be back at work. LG's service centers in South Korea were reportedly hit by a ransomware attack earlier in the week, with authorities revealing that the ransomware's malicious code was "identical" to WannaCry.

Users of LG's South Korean self-service kiosks were reportedly experiencing issues accessing the service. The issue was then reported by LG to the state-run Korea Internet and Security Agency, who confirmed the ransomware attack. "More investigation is still needed to determine the exact cause," KISA said in a statement, the Korea Herald reported.

More than £108,000 in bitcoin paid by victims of the WannaCry ransomware attack, which crippled parts of the NHS as well as businesses in 150 countries worldwide, has been withdrawn from the digital wallets the funds were being held in.

Nearly three months after the ransomware struck computers, locking up data, demanding ransoms and causing chaos in hospitals and firms including Spain’s Telefonica and FedEx, a total of £108,953 worth of bitcoin was withdrawn. The money, presumably moved by the hackers, was taken from three bitcoin wallets associated with WannaCry, according to tracking firm Elliptic.

Honda Motor Company was forced to halt vehicle production this week after finding WannaCry ransomware in its plant computer network. Its Sayama Plant in northwest Tokyo has a daily output of roughly 1,000 vehicles, ranging from Accord to Odyssey models, but was closed down on Monday after the ransomware was discovered on Sunday 18 June.

While production has today continued, the data breach continues to prove the lasting effects of WannaCry. A spokesperson told the virus had affected networks across Japan, North America, Europe, China and other regions, despite efforts to secure its systems in mid-May when the virus caused widespread.

The authors of the WannaCry malware are probably from the southern mainland, Hong Kong, Taiwan or Singapore, according to a US intelligence company. Forensic linguistic analysis on the malware suggested it was written by native Chinese-speaking people with southern accents.

In a report on its website, Flashpoint, which provides global business-risk intelligence, said it came to the conclusion with “high confidence”. Earlier reports based on code analysis suggested North Korean programmers at work. The WannaCry malware locked up data on infected computers and displayed a message in 28 languages demanding a ransom for restoration of the data.