Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cyberwarfare

White House Blames North Korea for Cyberattack

The White House on Tuesday publicly accused North Korea of launching a massive cyberattack that hit 150 countries last May — hobbling networks from Britain’s public health system to FedEx.

The White House on Tuesday publicly accused North Korea of launching a massive cyberattack that hit 150 countries last May — hobbling networks from Britain’s public health system to FedEx.

“After careful investigation, the United States is publicly attributing the massive ‘WannaCry’ cyberattack to North Korea,” said White House homeland security advisor Tom Bossert.

“We do not make this allegation lightly, we do so with evidence and we do so with partners,” he added.

Exploiting a security flaw in Microsoft’s Windows XP operating system, the malware infected an estimated 300,000 computers demanding ransom to decrypt data. 

The United States is the latest country to point the finger of blame at Pyongyang, attribution which comes as part of a drive to exert “maximum pressure” on the regime.

As yet, no retaliatory measures have been announced.

Among the infected computers were those at Britain’s National Health Service (NHS), Spanish telecoms company Telefonica and US logistics company FedEx.

London had already blamed North Korea, which hit a third of Britain’s public hospitals.

Pyongyang then denied the allegation, saying it went “beyond the limit of our tolerance” and was a “wicked attempt to lure the international community into harboring greater mistrust of the DPRK.”   

– US government under scrutiny –

Questions had been raised about whether the US government acted in a timely manner to respond to the attack, with Microsoft accusing Washington of spotting the flaw and using it for its own ends.

“This attack provides yet another example of why the stockpiling of vulnerabilities by governments is such a problem,” Microsoft’s Brad Smith said at the time.

“Repeatedly, exploits in the hands of governments have leaked into the public domain and caused widespread damage,” he said, claiming that the National Security Agency of spotting the flaw and saying nothing.

Bossert said that the United States kept only 10 percent of security flaws secret and had no policy of “stockpiling” or withholding information from potential targets.

Since coming to office Donald Trump has sought to put pressure on North Korea, as its reclusive leaders edge ever-closer to developing a ballistic missile that could deliver a nuclear warhead to the United States.

Amid a series of tests Trump’s administration has appeared at odds over whether talks could offer a way out of the standoff.

National Security Advisor HR McMaster tried to clean up that question in an interview with the BBC, saying the United States wanted a peaceful solution: “Of course that’s what we want but we are not committed to a peaceful resolution.”

“We are committed to a resolution, we want the resolution to be peaceful. But, as the president has said, all options are on the table and we have to be prepared if necessary to compel the denuclearization of North Korea without the cooperation of that regime.”

Trump’s first National Security Strategy released Monday, declared that “North Korea seeks the capability to kill millions of Americans with nuclear weapons.” 

“Continued provocations by North Korea will prompt neighboring countries and the United States to further strengthen security bonds and take additional measures to protect themselves.”

Written By

AFP 2023

Click to comment

Expert Insights

Related Content

Cyberwarfare

Websites of German airports, administration bodies and banks were hit by DDoS attacks attributed to Russian hacker group Killnet

Nation-State

The North Korean APT tracked as TA444 is either moonlighting from its previous primary purpose, expanding its attack repertoire, or is being impersonated by...

Nation-State

FBI says a North Korea-linked threat group known as Lazarus and APT38 is behind the $100 million Horizon bridge cryptocurrency heist.

Cyberwarfare

Iranian APT Moses Staff is leaking data stolen from Saudi Arabia government ministries under the recently created Abraham's Ax persona

Cybercrime

Artificial intelligence is competing in another endeavor once limited to humans — creating propaganda and disinformation.

Cyberwarfare

The UK’s NCSC has issued a security advisory to warn about spearphishing campaigns conducted by two unrelated Russian and Iranian hacker groups.

Cyberwarfare

WASHINGTON - Cyberattacks are the most serious threat facing the United States, even more so than terrorism, according to American defense experts. Almost half...

Nation-State

A China-linked hackers are exploiting a vulnerability (CVE-2022-42475 ) in Fortinet FortiOS SSL-VPN, Mandiant claims.