US blames North Korea for major ransomware attack

Trump administration says Pyongyang ‘directly responsible’ for cyberattack that hit hundreds of thousands of computers worldwide, including Britain’s National Health Service

By AP 19 December 2017, 6:20 am Edit
In this Sept. 11, 2017, file photo, White House homeland security adviser Tom Bossert speaks during the daily news briefing at the White House, in Washington. (AP Photo/Carolyn Kaster, File)
In this Sept. 11, 2017, file photo, White House homeland security adviser Tom Bossert speaks during the daily news briefing at the White House, in Washington. (AP Photo/Carolyn Kaster, File)

President Donald Trump’s administration is publicly blaming North Korea for a ransomware attack that infected hundreds of thousands of computers worldwide in May and crippled parts of Britain’s National Health Service.

Homeland security adviser Tom Bossert wrote in a Wall Street Journal op-ed published Monday night that North Korea was “directly responsible” for the WannaCry ransomware attack and that Pyongyang will be held accountable for it.

Bossert said the administration’s finding of responsibility is based on evidence and confirmed by other governments and private companies, including the United Kingdom and Microsoft.

Bossert said the Trump administration will continue to use its “maximum pressure strategy to curb Pyongyang’s ability to mount attacks, cyber or otherwise.”

Pyongyang has previously denied hacking allegations.

The WannaCry attack struck more than 150 nations in May, locking up digital documents, databases and other files and demanding a ransom for their release.

Illustrative: Staff monitoring the spread of ransomware cyberattacks at the Korea Internet and Security Agency (KISA) in Seoul, May 15, 2017. (AFP/ YONHAP)

It battered Britain’s National Health Service, where the cyberattack froze computers at hospitals across the country, closing emergency rooms and bringing medical treatment to a halt. Government offices in Russia, Spain, and several other countries were disrupted, as were Asian universities, Germany’s national railway and global companies such as automakers Nissan and Renault.

The WannaCry ransomware exploited a vulnerability in mostly older versions of Microsoft’s Windows operating system. Affected computers had generally not been patched with security fixes that would have blocked the attack. Security experts, however, traced the exploitation of that weakness back to the US National Security Agency; it was part of a cache of stolen NSA cyberweapons publicly released by a group of hackers known as the Shadow Brokers.

Microsoft president Brad Smith likened the theft to “the US military having some of its Tomahawk missiles stolen,” and argued that intelligence agencies should disclose such vulnerabilities rather than hoarding them.

WannaCry came to a screeching halt thanks to enterprising work by a British hacker named Marcus Hutchins, who discovered that the malware’s author had embedded a “kill switch” in the code. Hutchins was able to trip that switch, and the attack soon ended. In an unusual twist, Hutchins was arrested months later by the FBI during a visit to the US; he pleaded not guilty and now awaits trial on charges he created unrelated forms of malware.

Most Popular
read more:
If you’d like to comment, join
The Times of Israel Community.
JOIN THE TOI COMMUNITY
Join The Times of Israel Community
Commenting is available for paying members of The Times of Israel Community only. Please join our Community to comment and enjoy other Community benefits.
Please use the following structure: example@domain.com
Confirm Mail
Thank you! Now check your email
You are now a member of The Times of Israel Community! We sent you an email with a login link to . Once you're set up, you can start enjoying Community benefits and commenting.