The United States is publicly attributing the WannaCry ransomware attack to North Korea, counterterrorism adviser Thomas Bossert said during a White House briefing. The attack took place for three days in May across 150 countries using the WannaCry ransomware cryptoworm, which encrypted Windows-based PCs and demanded Bitcoins in return.
“This was a careless and reckless attack,” he stated. “It affected individuals, industry, governments. And the consequences were beyond economic. The computers affected badly in the UK and their healthcare system put lives at risk, not just money.”
The United States isn’t simply throwing out accusations in a heated war of words. Bossert said the White House made its final decision “after careful investigation” backed by evidence, and a unanimous agreement with Australia, Canada, Japan, New Zealand, and the United Kingdom. Microsoft is even involved, tracing the WannaCry attack back to “cyber affiliates” of North Korea’s government.
So what now? First, the briefing is part of a public move to hold North Korea accountable for its actions. Second, the United States will spearhead a plan that will bring the government and corporations closer together, thus increasing the cost for hackers by strengthening the nation’s cyber defenses. Good cooperation between the two entities will bring improved security across the board, Bossert said.
During his briefing, Bossert said Microsoft, Facebook, and other technology entities already began purging exploits used by North Korea and shutting down accounts used in attacks. They did so on their own without any government nudging, although he gave a special acknowledgement to Microsoft, whixh addressed exploits prior to the attack that kept many U.S. targets out of the line of fire.
“We call today — I call today, and the President calls today, on the private sector to increase its accountability in the cyber realm by taking actions that deny North Korea and the bad actors the ability to launch reckless and disruptive cyber acts,” he said.
Most of what he said during the White House briefing made its way into his op-ed post on The Wall Street Journal. But the briefing also introduced the nation to Jeanette Manfra, Assistant Secretary for Cybersecurity and Communications at the Department of Homeland Security. She will be joined by Christopher Krebs and Secretary Kirstjen Nielsen to coordinate operations with corporations to beef up cyber security on all fronts.
As an example of a government/corporate collaboration, Manfra relayed the events that began when WannaCry began attacking the Asia-Pacific region. By the end of the first day, all major local internet providers, IT and cybersecurity firms, and more than 30 companies across the nation were providing analytical assistance. This local collaboration between the government and the private sector helped defend the United States against the brunt of the WannaCry attack.
“In many ways, WannaCry was a defining moment and an inspiring one,” Manfra said. “It demonstrated the tireless commitment of our industry partners, a moment that showed how the government and private sector got it right.”
Published at Wed, 20 Dec 2017 04:27:17 +0000