The U.S. is publicly attributing the WannaCry attack to North Korea, White House homeland security adviser Tom Bossert told reporters Tuesday at a briefing at the White House.
“Today took us awhile,” he said of the announcement, but “we believe we now have the evidence to support the assertion.”
Canada, New Zealand and Japan have seen the Homeland Security Department’s analysis and agree with the U.S. conclusion, Bossert disclosed. He said that the U.S. “looked not only at operational infrastructure, but [also] tradecraft and routine used in past attacks.” Bossert also noted that the North used intermediaries to carry out the attacks. Though he didn’t say where those intermediaries were, he noted that outside North Korea, hackers would have access to better technology and tools than are likely available in the North.
He went on to talk about the vulnerabilities that exits in commercial software that are discovered by the government. Ninety percent of the time, he said, the U.S. shares the information about the vulnerability with the company, thus helping companies to improve their products and help prevent their customers from being victimized by hackers. The vulnerabilities the government doesn’t share it keeps “for very specific purposes.”
Microsoft had traced the attack to North Korea, and Bossert pointed out, the company acted to disrupt the North Korean hackers again last week.
The attribution of the attack to North Korea is a little unusual, but it’s evident that the White House decided there was a value in making this information public — that the U.S. has high confidence that the WannaCry attack was orchestrated and directed by the North Korean government, and that its aim was to create havoc and destruction. What the White House is still figuring out is where the administration stands on whether cyber war constitutes an act of war and what retaliatory measures can or should be taken by the U.S.
Identifying North Korea as the perpetrator, Bossert said, is a matter of “simple culpability.” “We’re going to say it. We’re going to shame them for it,” he said.
The Monday announcement that North Korea is behind the WannaCry cyberattack that plagued multiple industries earlier this year — including hospitals, financial systems and other companies — came in an op-ed published in the Wall Street Journal. Bossert wrote that “the attack was widespread and cost billions, and North Korea is directly responsible.”
The hackers took advantage of a vulnerability in Microsoft, forcing the shutdown of businesses in 150 countries around the world by encrypting files to make them inaccessible until victims paid a ransom of $300. But Bossert suggested that raising money was not the main purpose of the hack. That assumption is based on what targets of the attack reported — that most of them didn’t pay, and those who did promptly found that their computers weren’t unlocked. They then informed others that paying wouldn’t end the hack.
Bossert wrote his op ed that WannaCry “encrypted and rendered useless hundreds of thousands of computers … while victims received ransom demands, paying did not unlock their computers. It was cowardly, costly, and careless.”
Asked Tuesday if the U.S. was slow to act, Bossert said, “We took a lot of time to look through classified and sensitive information.” The U.S. was able to make a “confident” attribution. “We can’t get it wrong. We can’t rush it,” he said.
He conceded, ‘We got lucky. In the U.S. we were well-prepared.” And he pointed out thatwho was sophisticated, inadvertently noticed the kill switch and acted to kill it.
Source: CBS News
Photo Credit: TechWorm
Photo Credit: WWAY
Photo Credit: Daily Express