North Korea identified as perpetrator of 'wannacry' ransomware attack
- Author: Tracy Klein Dec 21, 2017,
Dec 21, 2017, 1:05
A senior White House official, under the condition of anonymity, said the USA will make an official statement Tuesday confirming its stand on North Korea being behind the cyber attack, Reuters reported.
"The attack was widespread and cost billions, and North Korea was directly responsible", said Tom Bossert, homeland security advisor to USA president Donald Trump in an op-ed piece for the Wall Street Journal.
While Bossert condemned North Korea for the attack, the adviser said that there is little the USA can do to punish the secretive nation's government, emphasizing that the U.S.is not viewing an attack on private computers as an act of war.
Keeping the Russian sanctions as a basis, the USA government will continue to make the internet safer by holding those accountable who harm or threaten it, President's aide wrote. We are not alone with our findings, either.
Stopping malicious behavior like this starts with accountability. The two companies moved to disrupt an ongoing malware operation by the Lazarus Group, the threat group attributed to be associated with North Korea, two weeks ago.
But DHS declined to share details on its own strategies, if any exist, to prevent a similar attack from being carried out by a hostile nation-state in the future, claiming the objective of the announcement was to call out North Korea publicly for its actions. "WannaCry was indiscriminately reckless".
Researchers in South Korea, which hosts some of the world's busiest virtual currency exchanges and accounts for 15 to 25 percent of world bitcoin trading on any given day, say attacks this year on exchanges like Bithumb, Coinis, and Youbit have the digital fingerprints of hackers from North Korea. "The consequences were beyond economic", Mr. Bossert said. "It's nevertheless important to call them out, let them know it's them and we know it's them".
Pyongyang had always been suspected of being behind the "WannaCry" attack, which hit entities including the USA -based shipping company FedEx, Spanish telecommunications firm Telefonica, and Britain's National Health Service, which forced hospitals to cancel surgeries and divert ambulances to other facilities.
The attack was eventually stopped by a British hacker who discovered a "kill switch" in the code that disabled the virus.
Cristiana Brafman Kittner, principal analyst at the cybersecurity firm FireEye, said she could not confirm whether North Korea had actually stolen any virtual currencies, but said hackers linked to it had targeted "multiple exchanges" over the past six to nine months.
North Korea is named by Bossert as the culprit in the attack, however, no particular organization or person affiliated with the North Korean government was specifically named in the homeland security advisor's Op-Ed.