News, Security

US government officially attributes WannaCry cyber-attack to North Korea

Tom Bossert, White House, Homeland Security, WannaCry cyber-attack
White House homeland security adviser Tom Bossert

The United States government has officially named North Korea as the responsible party for the WannaCry cyber-attack in May.

“After careful investigations, the United states is publicly attributing the massive WannaCry cyber-attack to North Korea,” said White House homeland security adviser Tom Bossert in a press briefing on Tuesday.

“We do not make these allegation lightly, we do so with evidence and we do so with partners.”

According to Bossert, Facebook, Microsoft, and other major tech companies had disabled a number of North Korean cyber threats just last week as the nation “continues to infect computers across the globe.”

He said that Facebook took down accounts that stopped the operational execution of ongoing cyber-attacks and Microsoft acted to patch existing attacks, not just the WannaCry attack initially.

Reports highlighted that the US government has assessed that a hacking entity known as Lazarus Group, which works on behalf of the North Korean government, was behind the virus.

In a blog post, Microsoft’s Chief Legal Officer Brad Smith confirmed that the company has worked with Facebook and others in recent weeks to disrupt the activities of the Lazarus group, which Microsoft tracks as ZINC. The company also concluded that the group was responsible for the WannaCry cyber-attack.

“Among other steps, last week we helped disrupt the malware this group relies on, cleaned customers’ infected computers, disabled accounts being used to pursue cyberattacks and strengthened Windows defenses to prevent reinfection,” said Smith in the post. “We took this action after consultation with several governments, but made the decision independently. We anticipate providing more information about our actions and their effect in the coming months once we have had the opportunity to analyze applicable data and information.”

Meanwhile, a Facebook spokesman has also reportedly confirmed that the company last week deleted accounts associated with a North Korea-linked hacking entity known as Lazarus Group “to make it harder for them to conduct their activities.”

According to a Reuters report, Facebook said the accounts were mostly personal profiles operated as fake accounts that were used to build relationships with potential targets. The company also noted that it already notified individuals in contact with these accounts.

In October, the UK government had said that it is “as sure as possible” that North Korea carried out the WannaCry malware attack which devastated NHS IT systems earlier this year.

Bossert also said that other governments including , the United Kingdom, Australia, Canada, New Zealand and Japan have all seen the analysis of the US government’s investigations and have joined in “denouncing North Korea for WannaCry.”

The ransomware crippled hospitals, banks and other companies infecting more than 230,000 computers in over 150 countries across the globe. There have not been any known cases of WannaCry infections in the UAE or the Middle East in general.

Previous ArticleNext Article

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.


The free newsletter covering the top industry headlines