Cyber-attack: US and UK blame North Korea for WannaCry

December 19, 2017   17H:50  GMT/UTC/ZULU TIME

• Share this with Facebook
 
• Share this with Twitter
 
• Share this with Messenger
 
• Share this with Email
 
• Share

Image copyrightREUTERS

Image captionThe comments came from White House Homeland Security adviser Tom Bossert

by Tamara Kachelmeier and Biodun Iginla, BBC News Technology reporters, New York/San Francisco

The US and UK governments have said North Korea was responsible for the WannaCry malware attack affecting hospitals, businesses and banks across the world earlier this year.

The attack is said to have hit more than 300,000 computers in 150 nations, causing billions of dollars of damage.

It is the first time the US and UK have officially blamed them for the worm.

Thomas Bossert, an aide to US President Donald Trump, first made the accusation in the Wall Street Journal newspaper.

Mr Bossert, who advises the president on homeland security, said the allegation was "based on evidence".

He did not produce any evidence in the article, but said US findings concurred with judgments from other governments and private companies.

He added that Australia, Canada, and New Zealand also share the US conclusion that North Korea was behind the attack.

Following the interview, the UK Foreign Office also blamed "North Korean actors using their cyber programme to circumvent sanctions".

The National Cyber Security Centre assessed that is is "highly likely" that the North Korean Lazarus hacking group had committed the attacks, Minister for Cyber Lord Ahmad said in a statement.

In May, Windows computers hit by the cyber-attack had their contents locked, with users asked to a pay a ransom to have their data restored. EU police body Europol called the scale of the attack "unprecedented".

Image copyrightEPA

Image captionAttackers encrypted user's devices, and typically demanded a ransom of $300-600 in Bitcoin

In the Wall Street Journal piece, Mr Bossert said North Korea must be held "accountable" and that the US would continue to use a "maximum pressure strategy" to hinder the regime's ability to mount cyber-attacks.

He did not specify what action, if any, the US government planned to take in response to the findings.

North Korea is already facing major economic sanctions after being redesignated a state-sponsor of terrorism last month amid tension over its nuclear programme and missile tests.

• Malware, patches and worms defined
• UK say cyber-attack was 'launched from North Korea'

"North Korea has acted especially badly, largely unchecked, for more than a decade, and its malicious behaviour is growing more egregious. WannaCry was indiscriminately reckless," Mr Bossert wrote.

"As we make the internet safer, we will continue to hold accountable those who harm or threaten us, whether they act alone or on behalf of criminal organizations or hostile nations," he went on.

"The tool kits of totalitarian regimes are too threatening to ignore."

He added that Microsoft and Facebook both acted to disable North Korean cyber-attacks "on their own initiative last week, without any direction or participation by the US".

Why blame N Korea now?

Analysis: Gordon Corera, BBC security correspondent

Britain's National Cyber Security Centre, part of the GCHQ signals intelligence agency, first attributed the May 2017 Wannacry attack to North Korea within weeks of the ransomware spreading.

The speed was because the UK led the international investigation after the National Health Service was hit hard.

The US intelligence community may have taken longer to concur with that assessment but there is still the question of why the White House is only going public now.

Governments used to be cautious about attribution in cyber attacks but it is becoming increasingly common - beginning with the claim North Korea was behind the attack on Sony in 2014 and more recently involving Russia's alleged hacking in the 2016 US election.

This latest claim is almost certainly an attempt to put more pressure on North Korea in the crisis over its nuclear programme with the attempt to rally international support behind the notion that the country is a real danger - whether from cyber weapons or nuclear weapons. And to make the case that further action, of some kind, needs to be contemplated.

'Unprecedented attack'

In the UK, the National Health Service (NHS) was hit particularly hard by the cyber-attack, with 48 affected health trusts forced to turn many patients away for appointments and even surgeries.

It spread across the world, with Russia reportedly being badly hit, causing problems to the country's postal service.

Image copyrightKCNA/AFP

Image captionNorth Korea has not yet responded to the US allegation

In 2014, the US claimed North Korea were behind cyber-attacks on Sony Pictures, after it released a film featuring the fictional killing of its leader Kim Jong-un.

• A guide to the cyber-attack on Hollywood

The entertainment company had its films leaked and details of corporate finances and private emails released online.

The North Koreans hit out at former president Barack Obama over the claim, but has not yet responded to the White House accusations about the WannaCry hack.

In October it said rumours from a UK government minister that they were behind the 2017 attack was "groundless speculation", and a "wicked attempt" to tighten international sanctions on the country.

Related Topics

• North Korea
• Cyber-security
• Cyber-attack
• United States

Share this story About sharing

• Email
• Facebook
• Messenger
• Twitter
• Pinterest
• LinkedIn

More on this story

• North Korea 'hacked crypto-currency exchange in South'

  16 December 2017
• Ransomware and the NHS - the inquest begins

  15 May 2017
• Sony hack: North Korea threatens US as row deepens

  22 December 2014
• The Interview: A guide to the cyber attack on Hollywood

  29 December 2014

US & Canada

Derailed US train went 80mph into bend

• 19 December 2017
• From the sectionUS & Canada
•