Trump Adviser: North Korea Waged WannaCry Attack
White House declares the North Korean government as perpetrators of the epic ransomware attack that spread around the globe in early May.
December 19, 2017
The Trump administration now has officially confirmed what security researchers worldwide have believed all along: that North Korea was behind the massive WannaCry ransomware attacks earlier this year.
Trump's homeland security adviser Thomas Bossert yesterday wrote in an op-ed piece in The Wall Street Journal that North Korea "is directly responsible" for the attack that infected hundreds of thousands of Windows machines in some 150 countries.
"The attack was widespread and cost billions, and North Korea is directly responsible," Bossert wrote in the editorial.
"We do not make this allegation lightly. It is based on evidence. We are not alone with our findings, either. Other governments and private companies agree. The United Kingdom attributes the attack to North Korea, and Microsoft traced the attack to cyber affiliates of the North Korean government," he wrote.
Security researchers from Google, Kaspersky Lab, and Symantec, were the first to see a connection between the code used in WannaCry with that of a nation-state attack group thought to be out of North Korea, the so-called Lazarus Group. Several other security research teams later confirmed similar findings, and The Washington Post in June reported that the National Security Agency also was confident that Pyongyang executed the attack.
NSA officials reportedly found tactics and techniques in the attack that match those of Reconnaissance General Bureau, the North Korean intelligence agency. US intel officials concluded that hackers sponsored by the North Korean government wrote two versions of WannaCry.
WannaCry spread via a previously unknown flaw in Microsoft's Windows software discovered by the NSA and used by the agency to construct its own hacking tool. That tool and others went public after a data breach at the NSA and the online dump of the tools by Shadow Brokers, a mysterious group that later tried to sell the tools.
Related Content:
About the Author
You May Also Like
DevSecOps/AWS
Oct 17, 2024Social Engineering: New Tricks, New Threats, New Defenses
Oct 23, 202410 Emerging Vulnerabilities Every Enterprise Should Know
Oct 30, 2024Simplify Data Security with Automation
Oct 31, 2024Unleashing AI to Assess Cyber Security Risk
Nov 12, 2024