White House holds briefing blaming North Korea for WannaCry malware attack

Kristopher Drake
December 21, 2017

The malware attack claimed to have affected at least 300,000 computers across 150 nations, causing damage of billions of dollars.

Now, the USA government has publically accused North Korea as the power responsible for fueling the WannaCry ransomware, according to a writing published (via The Verge) in the Wall Street Journal by Thomas Bossert. "It was cowardly, costly and careless".

Instead, Bossert praised the actions of Facebook, Microsoft, and other private companies that he said "acted to disable a number of north koran cyber exploits", and requested such companies "increase their sharing of information with us". While the attack cost organisations billions, it didn't generate much ransom, perhaps as little as $200,000.

HR McMaster said: "I don't want to get into the specifics of military plans and estimates but I will tell you that the President has asked us to continue to refine our military option should we have to use it".

"We brought charges against Iranian hackers who hacked several USA companies, including HBO". In May, The Washington Post reported that the National Security Agency had "moderate confidence" that WannaCry was linked to the KPRK. None have released evidence to prove that assertion.

From there, the attackers would access the user's bitcoin wallet either on the computer, or on the bitcoin exchange's server, he said. "We need governments to come together as they did in Geneva in 1949 and adopt a new digital Geneva Convention that makes clear that these cyber-attacks against civilians, especially in times of peace, are off-limits and a violation of worldwide law", he added.

Indeed, the tools could have been reused by anyone.

The attack was eventually stopped by a British hacker who discovered a "kill switch" in the code that disabled the virus. "Microsoft acted before the attack in ways that spared many USA targets", he said.

Heatmap shows WannaCry outbreak.

Microsoft is saying the attacks were lead by "ZINC", otherwise known as the Lazarus Group, which was also responsible for WannaCry.

The government often declines to comment on who it believes is culpable for major digital attacks. Bossert added, "Next time we're not going to get so lucky". Seemingly, doing so might have revealed the extent to which US intelligence was able to track and monitor individuals suspected of being tied to the regime.

"Stopping malicious behavior like this starts with accountability", Bossert wrote.

Cristiana Brafman Kittner, principal analyst at the cybersecurity firm FireEye, said she could not confirm whether North Korea had actually stolen any virtual currencies, but said hackers linked to it had targeted "multiple exchanges" over the past six to nine months. We had to examine a lot.

The Redmond giant announced it is also pleased with the US, UK, Australia, Canada, New Zealand, and Japan for announcing that North Korea is responsible for the activities of ZINC/Lazarus.

But some security experts say that whatever technical evidence intelligence agencies may gather, attribution remains a political exercise. That would not be good for anyone, but it may be necessary to protect the country in the future.

Timing-wise, the US government imposed stronger sanctions on North Korea last month over the country's nuclear and ballistic missile programs, and it's likely that it's now seeking further diplomatic leverage.

According to Bossert, those responsible for the cyber attacks against the USA would be held accountable, but did not mention any specifics regarding the actions Washington was considering taking against the rogue state.

Other reports by Ligue1talk

Discuss This Article