The Security Ledger

US says North Korea behind WannaCry Attack

The Trump Administration on Tuesday said that the government of North Korea was responsible for the cyber attack dubbed “WannaCry” that infected hospitals in the United Kingdom and hundreds of thousands of other computers globally. 

In an address at the White House, Tom Bossert, Assistant to the President for Homeland Security and Counterterrorism, said that the U.S. was “publicly attributing the massive WannaCry cyber attack to North Korea,” based on an investigation into the incident. He said the U.S. would hold North Korea to account for its actions.

The Trump Administration laid blame for the May WannaCry malware on North Korea.

“We do not make this allegation lightly. We do so with evidence, and we do so with partners,” Bossert said, citing the governments of The United Kingdom, Australia, Canada, New Zealand, and Japan, which “have seen our analysis, (and)  join us in denouncing North Korea for WannaCry.”

The WannaCry infected more than 150,000 systems in May, mostly in Russia, Ukraine, the European Union and Taiwan according to data from the firm MalwareTech, which tracked WannaCry installations. National Health System hospitals in the UK were heavily impacted by the outbreak. However, the spread of the ransomware was halted due to a flaw in the design of the malware.

Bossert also said that the U.S. relied in part on the work of Microsoft and Facebook in its analysis. The Redmond, Washington company helped trace the WannaCry attack to “cyber affiliates of the North Korean government,” he said. And Microsoft and Facebook took action to stop North Korean attacks last week, he said.

Bossert called the attack “reckless” and designed to cause “havoc and destruction.” In addition to attributing the attack, the U.S. will lead the effort to  hold North Korea accountable, he said.

The Trump Administration spokesman faced questions from the media on the U.S. intelligence community’s culpability for the WannaCry attacks. The malware was spread in part using an exploit for a widespread Microsoft vulnerability developed by the NSA and then leaked to the public.

Bossert faced questions about the U.S.’s ability to monitor North Korean hackers and track crypto currencies like BitCoin. Reports suggest that the North Korean government has invested heavily in both mining and theft of BitCoin.

Spread the word!