The U.S. blamed North Korea for the WannaCry ransomware attack that affected hundreds of thousands of computers globally this year.
Homeland security adviser Tom Bossert attributed the May attack to the Pyongyang regime in a Wall Street Journal article late Monday. WannaCry crippled parts of the U.K.’s state-run National Health Service and compromised companies such as FedEx Corp. and Nissan Motor Co.
After WannaCry began infecting computers powered by Microsoft Corp.’s Windows via the internet on May 12, users had 72 hours to pay $300 in bitcoin, or pay twice as much. Paying didn’t unlock their computers, Bossert said.
“It was cowardly, costly and careless,” he wrote. “The attack was widespread and cost billions, and North Korea is directly responsible.”
He called on governments and companies around the world to cooperate to mitigate cyber risk, and said the U.S. should lead the effort.
“Mr. Trump has already pulled many levers of pressure to address North Korea’s unacceptable nuclear and missile developments, and we will continue to use our maximum pressure strategy to curb Pyongyang’s ability to mount attacks, cyber or otherwise,” he wrote.
North Korea has been developing cyber capabilities as trade sanctions and a debilitated domestic economy make it difficult to invest in conventional military capabilities, said Tom Uren, a visiting fellow at the Australian Strategic Policy Institute’s International Cyber Policy Centre.
“Having a formal report gives more weight to negotiations when the U.S. approaches China, or Russia or anywhere else that might be providing North Korea with internet services,” Uren said. “It gives them something else to bring to the table.”
The U.K. government in October blamed North Korea for the attack on the NHS. Kim Jong Un’s regime denied any connection. Until now, the U.S. hadn’t publicly named Pyongyang as being behind the attack.
While North Korea allows internet access to only a small portion of its population, it began to train its techno soldiers in the early 1990s, according to South Korea’s Defense Security Command. The country probably employs 1,700 state-sponsored hackers, backed by more than 5,000 support staff, according to ASPI.
North Korea has grown increasingly adept at breaking into computer systems around the world for financial gain and strategic benefit. This year, his cyber warriors have been linked to stolen U.S.-South Korean military plans and the alleged theft of $60 million from a Taiwan bank.
The hackers drew international headlines in 2014 when they allegedly broke into Sony Corp.’s movie business as it was preparing to release “The Interview,” a Seth Rogen and James Franco comedy about meeting the North Korean leader.