Chinese IT security companies have responded to a claim that last month's global WannaCry ransomware outbreak stemmed from China.
The claim followed a linguistic analysis of the ransom notes in various languages by security firm Flashpoint, which concluded that the malware had Chinese provenance.
The ransomware campaign was estimated to have infected at least 300,000 computers and internet-connected devices across 150 countries - including thousands of devices in the NHS which brought many NHS trusts to a halt.
But identifying the perpetrators of the attack hasn't been easy.
While Flashpoint pointed the finger at China, rival Symantec suggested that North Korea was ‘highly likely' behind the attack. Symantec claimed that an analysis of malware samples had found strong links between the code used in the ransomware campaign, and malware tools used in attacks against Sony Pictures in 2014 and the $81m cyber-heist perpetrated against Bangladesh Bank last year - all of which have been attributed to North Korea.
Flashpoint's subsequent linguistic analysis, though, strongly indicated that native Chinese speakers were behind the malware. It found that nearly all of the ransom notes were translated using Google Translate, and that only three - the English version and two Chinese versions - were likely to have been written by a human.
According to Flashpoint, it appeared as though the English version was used as the basis for the translation into other languages. However, the two Chinese ransom notes differed "substantially" from the other notes in both "content, format and tone".
It continued: "More generally, the note makes use of proper grammar, punctuation, syntax, and character choice, indicating the writer was likely fluent or at least native. There is, however, at least one minor grammatical error which may be explained by auto-complete, or a copy-editing error."
However, Zheng Wenbin, chief security engineer at Qihoo 360, one of the better known security companies in China, said that the type of analysis Flashpoint attempted should not be taken seriously.
"The correct and professional way is to trace the ransomware through the traits of the code," he told Chinese state-owned media outlet Xinhuanet.
He added that hackers often added characters from different languages into their code to confuse the public and hide their identity.
Li Bosong, deputy chief engineer at Antiy Labs, an anti-virus software provider, added that the report lacked substantial evidence needed to gain the approval of cyber security experts.
Using photocatalysts to convert carbon dioxide into usable energy such as methane or ethane
Trained on curated data from Moorfields Eye Hospital, the neural network also shows clinicians how it reached its judgement
Yokohama National University demonstrate technology that could lead to a fault-tolerant universal quantum computer
Top-of-the-range Threadripper 2990WX now available from Scan, Ebuyer, Overclockers, Novatech and Amazon