Of note: The Shadow Brokers hinted at the same thing a few weeks back.
"In May, No dumps, theshadowbrokers is eating popcorn and watching "Your Fired" and WannaCry. Is being very strange behavior for crimeware? Killswitch? Crimeware is caring about target country? The oracle is telling theshadowbrokers North Korea is being responsible for the global cyber attack Wanna Cry. Nukes and cyber attacks, America has to go to war, no other choices! (Sarcasm) No new ZeroDays."
I'm not sure how much that adds though because at the time of them writing that, there was a lot of speculation online that it was NK based on some shared code. That argument was baseless, the amount of shared code was far too small and trivial to possibly be used for attribution, but it more easily explains why they bet on NK than having an inside track to an NSA investigation.
"In May, No dumps, theshadowbrokers is eating popcorn and watching "Your Fired" and WannaCry. Is being very strange behavior for crimeware? Killswitch? Crimeware is caring about target country? The oracle is telling theshadowbrokers North Korea is being responsible for the global cyber attack Wanna Cry. Nukes and cyber attacks, America has to go to war, no other choices! (Sarcasm) No new ZeroDays."