Errata Security critiques the U.S. government’s public attribution of WannaCry to North Korea, arguing that the evidence and policy framing left key attribution questions unresolved. The article distinguishes North Korea as a state from external hacking assets or Lazarus-linked operators who may act with varying degrees of state direction. It also frames WannaCry’s worm-like spread as an accident whose impact could not have been precisely targeted, while noting that the use of ETERNALBLUE also implicates the NSA’s loss of the exploit. The piece matters for DPRK-focused tracking because it accepts that North Korea-tied hacking groups likely had responsibility for WannaCry while warning against overstating intent, command authority, or political certainty without released evidence.