The US Government Formally Accuses North Korea for WannaCry – Promises to “Secure the Internet It Invented”
WannaCry ransomware outbreak that hit several major businesses and hospitals in the United Kingdom earlier this year was carried out by North Korea, the United States government has accused. The Trump administration has said that Pyongyang was "directly responsible" for the WannaCry malware attack. The ransomware attack targeted over 300,000 systems in over 150 nations, with a focus on the UK hospitals and businesses. According to experts, it had caused billions of dollars of damage. However, the damage isn't just economic as it put lives at risk in the UK, the President's aide has said.
The accusation comes directly from the US President's office, as Thomas Bossert, an aide to President Donald Trump, made the allegations public in a Wall Street Journal (paywall) op-ed this evening.
"After careful investigation, the U.S. today publicly attributes the massive “WannaCry” cyberattack to North Korea."
Bossert went on to add that the US government isn't making this allegation lightly, as it is based on evidence. "We are not alone with our findings, either," he wrote. "Other governments and private companies agree." The UK had also previously accused North Korea for the outbreak.
The accusation comes as the United States rallies efforts from both the governments and tech companies to hold the country accountable, possibly with sanctions.
Stopping malicious behavior like this starts with accountability. It also requires governments and businesses to cooperate to mitigate cyber risk and increase the cost to hackers. The U.S. must lead this effort, rallying allies and responsible tech companies throughout the free world to increase the security and resilience of the internet.
Bossert said that the "change has started at the White House," as the President has also continued Obama-era "sanctions on Russian hackers and directed the most transparent and effective government effort in the world to find and share vulnerabilities in important software."
Keeping the Russian sanctions as a basis, the US government will continue to make the internet safer by holding those accountable who harm or threaten it, President's aide wrote.
Malicious hackers belong in prison, and totalitarian governments should pay a price for their actions. The rest of us must redouble our efforts to improve our collective defenses. The tool kits of totalitarian regimes are too threatening to ignore.
In its accusation, Washington hasn't mentioned any indictments, hackers, or criminal groups - it is unclear if a more formal announcement will be made available after this WSJ piece.
Kaspersky comes back in the conversation
The Russian antivirus firm continues to be used as a pawn in the geopolitical fight according to Kaspersky's founder and CEO. Even after the company having sued the Trump administration, the US government continues to refer to its removal as important. "A company that could bring data back to Russia represents an unacceptable risk on federal networks," he wrote.
Bossert also mentioned charges against Iranian hackers, Canadian, and Chinese nationals for hacking US systems or companies.
We will rally our allies, and we will ensure the U.S. is again the leader in securing the internet we invented.
Bossert suggests that President Trump "has already pulled many levers of pressure to address North Korea’s unacceptable nuclear and missile developments," and the government will continue to use its "maximum pressure strategy to curb Pyongyang’s ability to mount attacks, cyber or otherwise."