Despite the truth of your historical timeline, 'WannaCry' does neatly fit the profile of Room 39, a department of the North Korean government which raises foreign currency through cybercrime and other criminal activities [0][1]. They have been implicated in past hacks by non-U.S. groups as well, including Kaspersky Labs [2].
Thanks; that's valuable to know. And certainly past mis-attribution does not make every attribution false.
> 'WannaCry' does neatly fit the profile of Room 39
Let's keep in mind that for state-level intelligence agencies, sophisticated frame jobs are normal activities and attribution of IT attacks is difficult. Again, that doesn't rule out NK in any way, but in this situation the profile of behavior doesn't tell us much (though I do value the other evidence in the parent).
[0] https://www.washingtonpost.com/world/asia_pacific/he-ran-nor... [1] https://en.wikipedia.org/wiki/Room_39#Purpose_and_activities [2]http://money.cnn.com/2017/04/05/news/economy/north-korea-eco...