Why the U.S. is blaming North Korea for the WannaCry hack
White House homeland security adviser Tom Bossert speaks during the daily news briefing at the White House on Sept. 11. Photo: Carolyn Kaster / AP
According to White House Homeland Security Advisor Tom Bossert, there are "technical links to previously identified North Korean cyber tools" that helped the U.S. trace the origin of the WannaCry ransomware attack, which stemmed from the NSA cyber arsenal. However, Bossert told reporters Tuesday morning that much of the information that led the U.S. to declare North Korean responsibility is private.
Context: WannaCry is thought to have been launched via an advanced persistent threat group called Lazarus Group, which is suspected of having links with North Korea. That group was suspected of launching an attack on Sony before the release of "The Interview," which showed Kim Jong-un being assassinated. The group also allegedly tried to pull off a bank heist via the central bank of Bangladesh.
What else we know:
- Bossert said he doesn't believe that North Korea got a lot of the money it raised from the WannaCry attack.
- The Department of Homeland Security is now calling on all companies to commit to U.S. collective defense, per Jeanette Manfra, assistant secretary for the Office of Cybersecurity and Communications at DHS. But Bossert wouldn't go so far as to say that an attack on a U.S. company constitutes an attack on the country.
- DHS plans to move beyond offering voluntary assistance on cybersecurity issues and instead plans on intervening directly when necessary, per Manfra.
Go deeper: The world's top cyber powers