Trump Adviser: North Korea Waged WannaCry Attack
White House declares the North Korean government as perpetrators of the epic ransomware attack that spread around the globe in early May.
December 19, 2017
The Trump administration now has officially confirmed what security researchers worldwide have believed all along: that North Korea was behind the massive WannaCry ransomware attacks earlier this year.
Trump's homeland security adviser Thomas Bossert yesterday wrote in an op-ed piece in The Wall Street Journal that North Korea "is directly responsible" for the attack that infected hundreds of thousands of Windows machines in some 150 countries.
"The attack was widespread and cost billions, and North Korea is directly responsible," Bossert wrote in the editorial.
"We do not make this allegation lightly. It is based on evidence. We are not alone with our findings, either. Other governments and private companies agree. The United Kingdom attributes the attack to North Korea, and Microsoft traced the attack to cyber affiliates of the North Korean government," he wrote.
Security researchers from Google, Kaspersky Lab, and Symantec, were the first to see a connection between the code used in WannaCry with that of a nation-state attack group thought to be out of North Korea, the so-called Lazarus Group. Several other security research teams later confirmed similar findings, and The Washington Post in June reported that the National Security Agency also was confident that Pyongyang executed the attack.
NSA officials reportedly found tactics and techniques in the attack that match those of Reconnaissance General Bureau, the North Korean intelligence agency. US intel officials concluded that hackers sponsored by the North Korean government wrote two versions of WannaCry.
WannaCry spread via a previously unknown flaw in Microsoft's Windows software discovered by the NSA and used by the agency to construct its own hacking tool. That tool and others went public after a data breach at the NSA and the online dump of the tools by Shadow Brokers, a mysterious group that later tried to sell the tools.
Related Content:
About the Author
You May Also Like
Cybersecurity Day: How to Automate Security Analytics with AI and ML
Dec 17, 2024The Dirt on ROT Data
Dec 18, 2024