US blames North Korea for WannaCry cyberattack

The Trump administration is expected to call for action preventing North Korea from carrying out the cyberattacks, the Washington Post reports.

Steven Musil Night Editor / News
Steven Musil is the night news editor at CNET News. He's been hooked on tech since learning BASIC in the late '70s. When not cleaning up after his daughter and son, Steven can be found pedaling around the San Francisco Bay Area. Before joining CNET in 2000, Steven spent 10 years at various Bay Area newspapers.
Expertise I have more than 30 years' experience in journalism in the heart of the Silicon Valley.
Steven Musil
2 min read
Getty Images

The Trump administration on Monday officially accused North Korea of being behind the massive WannaCry ransomware attack, which held hundreds of thousands of computers hostage earlier this year in the largest cyberextortion scheme ever.

"The [WannaCry] attack was widespread and cost billions, and North Korea is directly responsible," Thomas P. Bossert, Trump's homeland security adviser, said in an op-ed published in the Wall Street Journal on Monday. "We do not make this allegation lightly. It is based on evidence. We are not alone with our findings, either."

As a result, the White House is expected to call on "all responsible states" to neutralize North Korea's ability to conduct cyberattacks and implement all "relevant" UN Security Council sanctions, a US official familiar with the matter told the Washington Post. Bossert is expected to issue a public statement Tuesday morning, the paper said.

Ransomware is malware that encrypts important files, locking people out of their computers unless they pay up to prevent their entire system from being deleted. The attack encrypted, or scrambled, the files on more than 300,000 computers in 150 countries, with victims including hospitals, banks, telecommunications companies and warehouses.

The attack was made possible by a vulnerability in out-of-date versions of Microsoft Windows first uncovered by the National Security Agency and then released by hackers on the internet in May. Microsoft released a patch for the Windows 7 vulnerability in March, but many people apparently didn't update.

Security researchers had previously said they'd found evidence linking a state-sponsored hacking group in North Korea to the WannaCry attack. Computer code found in an early version of the WannaCry malware was identical to code used by the Lazarus Group, a hacking group linked to the government of North Korea, the researchers said.

North Korea is no stranger to accusations of cyberwarfare. The US government has concluded that North Korea was behind the break-in of Sony Pictures' networks in 2014, which resulted in the theft of Social Security numbers from 47,000 employees and leak of embarrassing internal documents and emails.

The White House didn't immediately respond to a request for comment.

The Smartest Stuff: Innovators are thinking up new ways to make you, and the things around you, smarter.

iHate: CNET looks at how intolerance is taking over the internet.