The U.S. government is publicly acknowledging that North Korea was behind the WannaCry computer worm that affected more than 230,000 computers in over 150 countries earlier this year.
As a result, the Trump administration will be calling on “all responsible states” to counter North Korea’s ability to conduct cyberattacks and to implement all “relevant” United Nations Security Council sanctions, according to a U.S. official familiar with the matter.
Trump’s homeland security adviser, Tom Bossert, made the announcement in a Wall Street Journal op-ed Monday evening and will follow up with a statement Tuesday morning.
North Korea was widely suspected to have created the virus, which was paired with ransomware that encrypted data on victims’ computers and demanded money to restore access. Until now, the U.S. government has not publicly stated as much.
In June, The Washington Post reported that the National Security Agency had linked North Korea to the creation of the worm. In October, the British government declared that it believed North Korea was the culprit. The following month, the CIA issued a similar classified assessment, which has not been previously reported.
The official noted that the U.S. government has released technical details of North Korean cyber-tools and operational infrastructure and has worked with other countries to lessen North Korea’s ability to conduct further tests or generate illicit funding.
The May 12 global cyberattack affected critical sectors, including health care, “potentially putting lives at risk,” said the official, who spoke on the condition of anonymity to discuss a move not yet public. This follows a pattern of disruptive and harmful cyber activity by the reclusive country. Its leader, Kim Jong Un, has pushed for the development of hacker forces as a low-cost, high-impact tool that can rattle the nerves and damage the systems of more powerful nations.
In November 2014, North Korea hacked Sony Pictures’ networks, disrupting computer systems, stealing and releasing corporate emails and demanding that the studio cancel the release of a satirical movie depicting Kim’s assassination. The attack led the Obama administration to impose economic sanctions.
The WannaCry attack, the official said, “demonstrates the importance of basic cyber hygiene, including keeping systems patched and up to date, as well as the need for strong cooperation between public and private sectors to share information, prevent and mitigate cyberthreats.”
The Security Council sanctions on North Korea focus on its activities to develop a nuclear weapon. The administration, however, seems to be linking North Korea’s general pattern of bad behavior, including in cyberspace, to the call to implement all sanctions.