US officials: North Korea ‘directly responsible’ for ransomware attack

US officials: North Korea ‘directly responsible’ for ransomware attack
Jeanette Manfra, chief cybersecurity official for the Department of Homeland Security, speaks on Tuesday about the "Wannacry" virus. DHS announced that the U.S. believes North Korea was behind the cyberattack, during a briefing at the White House in Washington, D.C. (Saul Loeb/AFP/Getty Images)

At a White House briefing Tuesday morning, Department of Homeland Security adviser Tom Bossert blamed North Korea for this year’s “WannaCry” ransomware attack, which affected more than 300,000 computers, requiring $300 via bitcoin to unlock each one.

“We believe now we have the evidence to support this assertion,” Bossert said at the briefing. “It’s very difficult to do when you’re looking for individual hackers. In this case, we found a concerted effort.”

Bossert credited Microsoft and “others in the security community” with tracing the attack to the North Korean government.

During the speech, Bossert referred to the attack as “cowardly, costly and careless.”

“We do not make this allegation lightly,” Bossert said. “We do so with evidence and we do so with partners,” including the United Kingdom, Australia, Canada, New Zealand and Japan.

U.K. Foreign Office Minister Nazir Ahmed released a statement Tuesday confirming the partnership:

We condemn these actions and commit ourselves to working with all responsible states to combat destructive criminal use of cyberspace. The indiscriminate use of the WannaCry ransomware demonstrates North Korean actors using their cyber program to circumvent sanctions.

Late Monday, the Wall Street Journal released an op-ed by Bossert about the cyberattack.

“The consequences and repercussions of WannaCry were beyond economic,” he wrote. “The malicious software hit computers in the U.K.’s health-care sector particularly hard, compromising systems that perform critical work. These disruptions put lives at risk.”

Bossert credited the Trump administration with instituting change in “the modernization of government information-technology to enhance the security of the systems we run on behalf of the American people.” He said President Donald Trump’s sanctions on hackers have made cyberattacks more punishable.

“We share almost all the vulnerabilities we find with developers, allowing them to create patches,” Bossert added. “Even the American Civil Liberties Union praised [President Trump] for that. He has asked that we improve our efforts to share intrusion evidence with hacking targets, from individual Americans to big businesses. And there is more to come.”

Bossert condemned North Korea’s alleged attacks on U.S., Europe and “the rest of the world — and not just with its nuclear aspirations.”