- The US officially blamed North Korea for the WannaCry cyber attack that affected businesses, hospitals, and critical infrastructures around the world in May.
- The Trump administration has gone on a media blitz in recent days, specifically calling out North Korea’s culpability in newspapers and a major press conference.
- Meanwhile, North Korea has repeatedly denied responsibility.
On Tuesday, the White House blamed North Korea for a massive cyber attack that destabilized hospitals, schools, businesses, and infrastructure across 150 countries in May.
“This was a careless and reckless attack. It affected individuals, industry, governments,” said Tom Bossert, the president’s homeland security and counterterrorism adviser.
“We do not make this allegation lightly. We do so with evidence, and we do so with partners,” he added.
Bossert said the UK, Australia, Canada, New Zealand, and Japan concurred with the US government’s analysis. He also called on US companies to partner with the government to help thwart future attacks.
The move comes seven months after suspected North Korean hackers targeted computer systems around the world with WannaCry malware, encrypting vital data and demanding ransom payments in Bitcoin.
The US government says its condemnation is intended to hold the attackers publicly accountable for “malicious behavior” that is “growing more egregious.”
North Korea has previously denied any role in the attack, calling the allegations “ridiculous.”
How this compares to Russia
- Sean Gallup/Getty
The Trump administration has gone on a media blitz to call out North Korea in news releases, a press conference, and an op-ed from Bossert in the Wall Street Journal. That reaction stands in contrast to how Trump has responded to Russia’s hacking of the 2016 reaction.
When reporters asked about the administration’s handling of North Korea’s cyber attacks compared to Russia’s during Tuesday’s press briefing, Bossert defended Trump’s record, citing the president’s decisions to continue sanctions against Russia, extend former President Barack Obama’s executive order on cyber activities, and ban the US government from using the Moscow-based cybersecurity firm Kaspersky Lab.
“I think we’re leading to take bad actors – whether they be Russia, North Korea, at times China and Iran – off the internet and knocking them off their game,” Bossert said. “And I think today is about North Korea, but I welcome the question on Russia. I think we stand with a good record.”
But Alex McGeorge, a cyber threat intelligence expert, told Business Insider that comparing the responses between North Korea and Russia is a valid exercise.
“The [US] Intelligence Community made a much stronger case to the public for why the Russian election meddling was legitimate than we have seen for WannaCry, so it’s an extremely legitimate question,” McGeorge said.
During the WannaCry fiasco in May, McGeorge consulted with a company directly affected by the attack. While he couldn’t legally disclose the extent of the damage, he said the recovery effort was “extreme” and that the company’s international global networks were significantly hampered.
The US has revealed few specifics about how it determined North Korea was behind the WannaCry attack, but McGeorge says keeping the details confidential is necessary to possibly track perpetrators or prevent attacks in the future.
“The US has the best situational awareness of the internet of any country,” he said. “It’s difficult to come out and say, ‘Here’s all the evidence.’ It’s not like a jury trial. You can’t reveal you methods because it will lose some of its efficacy.”
While McGeorge commended the US response, he noted that ultimately it will likely do little to curb future attacks.
“I don’t know that there will be any immediate practical effect,” he said. “North Korea is almost certainly at this moment planning another attack. I don’t think what happened today will give them pause.”