The Trump administration on Monday evening publicly acknowledged that North Korea was behind the WannaCry computer worm that affected more than 230,000 computers in over 150 countries earlier this year.
As a result, the administration will be calling on “all responsible states” to counter North Korea’s ability to conduct cyberattacks and to implement all “relevant” United Nations Security Council sanctions, according to a U.S. official familiar with the matter.
“The [WannaCry] attack was widespread and cost billions, and North Korea is directly responsible,” Thomas P. Bossert, Trump’s homeland security adviser, said in an op-ed published in the Wall Street Journal on Monday. “We do not make this allegation lightly. It is based on evidence. We are not alone with our findings, either.”
He is expected to issue a public statement Tuesday morning.
North Korea was widely suspected to have created the virus, paired with ransomware that encrypted data on victims’ computers and demanded money to restore access. Until now, the U.S. government had not publicly stated as much.
In June, The Washington Post reported that the National Security Agency had linked North Korea to the creation of the worm. In October, the British government declared that it believed North Korea was the culprit. The following month, the CIA issued a similar classified assessment, which has not been previously reported.
The official noted that the U.S. government has released technical details of North Korean cyber-tools and operational infrastructure and has worked with other countries to lessen North Korea’s ability to conduct further tests or generate illicit funding.
The May 12 global attack hit critical sectors, including health care, “potentially putting lives at risk,” said the official, who spoke on the condition of anonymity to discuss a move not yet public. This follows a pattern of disruptive and harmful cyber-activity by the reclusive country. Leader Kim Jong Un has pushed to develop hacker forces as a low-cost, high-impact tool that can rattle the nerves and damage the systems of more powerful nations.
In November 2014, North Korea hacked Sony Pictures’ networks, disrupting computer systems, stealing and releasing corporate emails and demanding that the studio cancel the release of a satirical film depicting Kim’s assassination. The attack led to economic sanctions from the Obama administration.
The WannaCry attack, the official said, “demonstrates the importance of basic cyber hygiene, including keeping systems patched and up to date, as well as the need for strong cooperation between public and private sectors to share information, prevent and mitigate cyberthreats.”
The Security Council sanctions on North Korea focus on its activities to develop a nuclear weapon. The administration, however, seems to be linking North Korea’s general pattern of bad behavior, including in cyberspace, to the call to implement all sanctions.
Democratic lawmakers criticized the disparity in the administration’s response to Russian hacking in the 2016 election and its reaction to North Korea’s cyber activities. “President Trump is handling the intelligence assessments regarding North Korea and Russia completely differently, staging an elaborate media roll-out to press on sanctions against North Korea while at the same time discrediting the assessment by these very same intelligence agencies that the Kremlin interfered with our election,” said Rep. Elijah E. Cummings (D-Md.), ranking member on the committee on oversight and government reform.