Virtual Event Now Live: Zero Trust Strategies Summit! - Login for Access
Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cyberwarfare

White House Blames North Korea for Cyberattack

The White House on Tuesday publicly accused North Korea of launching a massive cyberattack that hit 150 countries last May — hobbling networks from Britain’s public health system to FedEx.

The White House on Tuesday publicly accused North Korea of launching a massive cyberattack that hit 150 countries last May — hobbling networks from Britain’s public health system to FedEx.

“After careful investigation, the United States is publicly attributing the massive ‘WannaCry’ cyberattack to North Korea,” said White House homeland security advisor Tom Bossert.

“We do not make this allegation lightly, we do so with evidence and we do so with partners,” he added.

Exploiting a security flaw in Microsoft’s Windows XP operating system, the malware infected an estimated 300,000 computers demanding ransom to decrypt data. 

The United States is the latest country to point the finger of blame at Pyongyang, attribution which comes as part of a drive to exert “maximum pressure” on the regime.

As yet, no retaliatory measures have been announced.

Among the infected computers were those at Britain’s National Health Service (NHS), Spanish telecoms company Telefonica and US logistics company FedEx.

London had already blamed North Korea, which hit a third of Britain’s public hospitals.

Advertisement. Scroll to continue reading.

Pyongyang then denied the allegation, saying it went “beyond the limit of our tolerance” and was a “wicked attempt to lure the international community into harboring greater mistrust of the DPRK.”   

– US government under scrutiny –

Questions had been raised about whether the US government acted in a timely manner to respond to the attack, with Microsoft accusing Washington of spotting the flaw and using it for its own ends.

“This attack provides yet another example of why the stockpiling of vulnerabilities by governments is such a problem,” Microsoft’s Brad Smith said at the time.

“Repeatedly, exploits in the hands of governments have leaked into the public domain and caused widespread damage,” he said, claiming that the National Security Agency of spotting the flaw and saying nothing.

Bossert said that the United States kept only 10 percent of security flaws secret and had no policy of “stockpiling” or withholding information from potential targets.

Since coming to office Donald Trump has sought to put pressure on North Korea, as its reclusive leaders edge ever-closer to developing a ballistic missile that could deliver a nuclear warhead to the United States.

Amid a series of tests Trump’s administration has appeared at odds over whether talks could offer a way out of the standoff.

National Security Advisor HR McMaster tried to clean up that question in an interview with the BBC, saying the United States wanted a peaceful solution: “Of course that’s what we want but we are not committed to a peaceful resolution.”

“We are committed to a resolution, we want the resolution to be peaceful. But, as the president has said, all options are on the table and we have to be prepared if necessary to compel the denuclearization of North Korea without the cooperation of that regime.”

Trump’s first National Security Strategy released Monday, declared that “North Korea seeks the capability to kill millions of Americans with nuclear weapons.” 

“Continued provocations by North Korea will prompt neighboring countries and the United States to further strengthen security bonds and take additional measures to protect themselves.”

Written By

AFP 2023

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join SecurityWeek and Hitachi Vantara for this this webinar to gain valuable insights and actionable steps to enhance your organization's data security and resilience.

Register

Event: ICS Cybersecurity Conference

The leading industrial cybersecurity conference for Operations, Control Systems and IT/OT Security professionals to connect on SCADA, DCS PLC and field controller cybersecurity.

Register

People on the Move

Threat intelligence firm Intel 471 has appointed Mark Huebeler as its COO and CFO.

Omkhar Arasaratnam, former GM at OpenSSF, is LinkedIn's first Distinguised Security Engineer

Defense contractor Nightwing has appointed Tricia Fitzmaurice as Chief Growth Officer.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.