The United States government has officially blamed North Korea for the WannaCry ransomware cyber attacks. WannaCry unfurled worldwide in May and infected over 300,000 devices in 150 countries.
Tom Bossert, White House Homeland Security Adviser, called the attack “careless and reckless” that “affected individuals, industry, governments and the consequences went beyond economic.”
The massive ransomware attack applied the EternalBlue exploit in order to spread the malware over corporate LANs and wireless networks. Even before the accusation, various security experts have linked WannaCry to North Korea’s Lazarus Group. The group works on behalf of the North Korean government.This group is also believed to be responsible for the Sony Pictures Entertainment hack in 2014. At the time attackers destroyed information, leaked communications and data.
According to T. Bosser at the Wall Street Journal, “After careful investigation, the U.S. today publicly attributes the massive WannaCry cyberattack to North Korea.”
The T. Bosser’s analysis of the WannaCry ransomware attacks was also presented to other governments, including the United Kingdom, Canada, Japan and Australia. These also joined to denounce the group in North Korea for the outbreak.
In addition, Microsoft, Symantec, and other known names in cybersecurity community indicated that WannaCry was traced to North Korea.
North Korea has acted especially badly, largely unchecked, for more than a decade, and its malicious behavior is growing more egregious. WannaCry was indiscriminately reckless.
According to Tim Erlin, the Vice President of Product Management and Strategy at Tripwire, the accurate attribution for cyber attacks is actually a delicate task.
This conclusion about North Korea’s culpability isn’t new. The UK discussed the very same conclusion in October, with the very same caveats about sharing the actual evidence. You can’t arrest a nation-state, which inevitably prevents any real closure on an incident like WannaCry. We’re going to have national security organizations delivering these types of conclusions on attribution to the public, we need to find a way to develop trusted output.
What is more, the ExternalBlue exploit that was used in WannaCry attacks made public by an unidentified group which is under control by offensive hacking tools possibly established by the NSA. The exploit was able to use the SMBv1 bug in Windows operating system which was patched by Microsoft on March 14.
During the wannaCry outbreak, the cybercriminals asked for about $300 ransom demand for a decryption key which unlocks encrypted files.
Marcus Hutchins, also known as the WannaCry Hero helped to blunt the ransomware outbreak. However, he was Arrested in August and accused of developing and distributing the Kronos malware.