Logo of Phnom Penh Post newspaper Phnom Penh Post - US accuses North Korea of mounting WannaCry cyberattack

US accuses North Korea of mounting WannaCry cyberattack

King’s College Hospital in London on October 13, 2017. Britain’s National Health Service fell victim to a cyberattack known as 'WannaCry' earlier this year.
King’s College Hospital in London on October 13, 2017. Britain’s National Health Service fell victim to a cyberattack known as 'WannaCry' earlier this year. Andrew Testa/The New York Times

US accuses North Korea of mounting WannaCry cyberattack

WASHINGTON — The Trump administration formally accused North Korea on Monday night of creating the WannaCry cyberattack that briefly paralysed the British health system and placed ransomware on computers in dozens of countries around the world.

President Donald Trump’s homeland security adviser, Thomas P. Bossert, wrote in an op-ed published in The Wall Street Journal that the conclusion was “based on evidence” that he did not disclose. He suggested that the United States would act against North Korea — beyond the sanctions now being imposed for its rapid expansion of its nuclear weapons program, writing, “When we must, the US will act alone to impose costs and consequences for cyber-malfeasance.”

The conclusion was not by itself a surprise: The New York Times reported in May that North Korea was the leading suspect in the attack, which encrypted hard drives on hundreds of thousands of computers and demanded the payment of ransom to unlock the data. Later, British officials reported that their forensic evidence and intelligence pointed to Pyongyang, and Bossert wrote that in recent days, Microsoft and other companies that track major threats have closed pathways that the North’s army of hackers could use for similar breaches.

Still, the assertion by the administration, which officials said would be supported at a White House news conference Tuesday, was notable for three reasons.

It came almost three years to the week since President Barack Obama, appearing in the White House press room, accused North Korea’s leadership of mounting a similarly sophisticated cyberattack on Sony Pictures Entertainment. The North was enraged that Sony was releasing a comedy, “The Interview,” envisioning a CIA-ordered assassination of Kim Jong Un, the country’s young leader. That was the first time the United States had accused another nation of a direct, destructive online intrusion on an American target.

But the decision to name the North also stands in stark contrast to how Trump has dealt with evidence that Russian hackers, under orders from President Vladimir Putin, organised the attack on the Democratic National Committee and the information warfare campaign that was meant to influence the 2016 election. Trump has often dismissed the intelligence finding that Russia was behind the hacking, declaring last month, “Putin said he did not do what they said he did.”

It is the same intelligence agencies — and some of the government’s same experts — that built the case against North Korea, according to members of the intelligence community who spoke on the condition of anonymity to discuss the investigation.

But the third, and perhaps most delicate, element of the WannaCry attack revolves around a fact that Bossert did not address in his op-ed: The North exploited vulnerabilities in software developed by the division of the National Security Agency that builds the United States’ cyberweapons. The code pulled off networks and computers compromised by WannaCry appears to have its roots in what the agency formerly called the Tailored Access Operations division, which devised online breaches.

Once it was clear the code had been stolen, the National Security Agency rushed to contain the damage, asking Microsoft to build a “patch” in its operating systems to prevent the attacks. But the agency has never talked about the group that stole the computer code, called the Shadow Brokers, which many officials believe is operating on behalf of the Russian government. But Bossert and his deputy, Rob Joyce, who formerly ran the Tailored Access Operations, have argued that it is the perpetrator of the attacks, not the US government, that must take all of the responsibility for the damage it has wreaked.

“The consequences and repercussions of WannaCry were beyond economic,” Bossert wrote. “The malicious software hit computers in the U.K.'s health care sector particularly hard, compromising systems that perform critical work. These disruptions put lives at risk.”

The assertion by the White House came only hours after Trump published his new national security strategy, which calls for pushing back on states that sponsor cyberactivity. And even some alumni of the Obama administration now agree that they often underreacted to a range of digital threats, including Iran’s 2012 attacks on American banks, the hacking at Sony and the effort by Russia to intervene in the election. Until now, North Korea’s cyberstrikes have prompted almost no punishment.

Bossert seems determined to change that, and he wrote about elements of a new digital strategy that suggests that the Trump administration will be more aggressive in alerting manufacturers to flaws found in their software. But he has been vague about what kind of actions might be taken against those who initiate cyberattacks.

Robert Hannigan, former director of Britain’s Government Communications Headquarters, said last month that in the realm of digital breaches, North Korea had benefited from being underestimated.

“Because they are such a mix of the weird and absurd and medieval and highly sophisticated, people didn’t take it seriously,” he said. “How can such an isolated, backward country have this capability? Well, how can such an isolated backward country have this nuclear ability?”

David E. Sanger/The New York Times

MOST VIEWED

  • Over $3M in traffic fines collected in two months

    Traffic police officers collected over $3 million in fines throughout the Kingdom during the past two months when officers strictly enforced the law in accordance with a May sub-decree, officials said. As incentives, law enforcement officers received between 200,000 and two million riel ($50 to $500) each. The figures

  • More than 10,000 workers suspended

    More than 10,000 workers at 18 factories in Svay Rieng province have been suspended because of Covid-19, said provincial deputy governor Ros Pharith. Home to 11 special economic zones, Pharith said Svay Rieng has not been spared as the pandemic takes a toll on the global economy. “There

  • Nod given for school exams

    The Ministry of Education, Youth and Sport announced that State-run higher educational institutions can hold examinations to end the academic year, while private schools can organise grade 9 and grade 12 examinations at their premises for two days. However, private institutions have to take measures to prevent

  • Oz lauds Kingdom’s passage of money laundering laws

    In a press release published by the Australian embassy in Phnom Penh on Monday, the country applauded Cambodia’s stance on transnational crimes as well as its promulgation of an anti-money laundering law and a law on combating proliferation financing. The praise came after King

  • Lotus face masks designed to cover globe

    A French designer in Cambodia has produced ecological face masks from lotus fibre to supply local and international markets with an eye on preserving ancestral techniques and supporting Cambodian women in rural communities. During a trip to Asia, Awen Delaval, an eco-friendly fashion designer, was

  • Accused not treated equally, says CCHR

    The Cambodia Centre for Human Rights (CCHR) has urged the Court of Appeal to do more to ensure that an accused’s right to a fair trial is fully respected. In a bulletin released on Monday, the CCHR said it had monitored 273 cases at the

  • Fish, frogs to boost local food supply

    The government has disbursed more than $4.5 million to boost aquaculture production and domestic market supply amid the Covid-19 pandemic. Minister of Agriculture, Forestry and Fisheries Veng Sakhon told The Post on Monday that in boosting agricultural production, the ministry has received financing from development partners

  • Planning ministry hands out cash to 420,000 poor families in Kingdom

    The Ministry of Planning has identified 20,000 more poor families in the country, bringing the total to over 580,000, while over 420,000 of them have received the government’s cash assistance. In the meantime, many social security cards from families not deemed to be poor have been revoked.

  • Nature in focus at inaugural film and photo festival

    The first Cambodian Wildlife Photo and Film Festival – an event celebrating the conservation of nature through the eyes of wildlife photographers, nature enthusiasts and conservation experts – is scheduled for July 18-26 at Fauna in Focus’ Nature Discovery Centre in Siem Reap. The festival will be

  • Investors’ $14.4M projects approved

    New investments from local and foreign sources continue to pour into Cambodia despite the Covid-19 pandemic remaining a lingering threat to regional and global economies. This comes as the Kingdom’s gross domestic product (GDP) is expected to contract between one and 2.9 per cent this