U.S. blames North Korea for global WannaCry ransomware attack
The White House is expected to follow up on Tom Bossert's article in the Wall Street Journal
The U.S. government has officially blamed North Korea for the WannaCry ransomware that caused a global outrage to many organisations in May this year.
The announcement came through a published piece in the Wall Street Journal, authored by Tom Bossert, homeland security adviser to President Donald Trump.
"The attack was widespread and cost billions, and North Korea is directly responsible," Bossert said.
"North Korea has acted especially badly, largely unchecked, for more than a decade, and its malicious behaviour is growing more egregious, WannaCry was indiscriminately reckless."
Bossert did not say what action would be taken, however the White House will be issuing a formal statement today.
He also added: "We do not make this allegation lightly. It is based on evidence. We are not alone with our findings, either. Other governments and private companies agree. The United Kingdom attributes the attack to North Korea, and Microsoft traced the attack to cyber affiliates of the North Korean government.
"The consequences and repercussions of WannaCry were beyond economic. The malicious software hit computers in the UK's health-care sector particularly hard, compromising systems that perform critical work. These disruptions put lives at risk."
The WannaCry malware, which hit more than 300,000 computers in 150 countries cost bullion of dollars in damage. The cybercriminals had tricked victims into opening malicious malware attachments to spam emails that appeared to contain legitimate invoices, job offers, security warnings etc., or what is known as social engineering. The ransomware encrypted data on victim computers, demanding payments of $300 to $600 to restore access. A number of victims are known to have paid via the digital currency bitcoin.
In the GCC, infections had been reported in Kuwait, Saudi Arabia and the UAE, although not on the same scale as in Europe.
Bossert also added that cybercriminals should receive harsher punishments and that organisations must step up their security measures.