The Wannacry worm that infected organisations in 150 countries in May has been blamed on North Korea by the US's National Security Agency (NSA).
The Washington Post said there was "moderate confidence" in the report's findings, while the spy agency said the worm was meant to boost regime coffers.
Security company Symantec also believes a hacking group linked to North Korea was behind the attack.
But North Korea's involvement has been disputed by other security firms.
However, in late May, intelligence company Flashpoint said its analysissuggested hackers fluent in Chinese were responsible.
In addition, James Scott, a senior fellow at the Institute for Critical Infrastructure Technology, has thrown doubt on links between Lazarus and Pyongyang.