White House fingers N.Korea for WannaCry attacks

By Michael Hernandez

WASHINGTON (AA) - The White House on Tuesday formally blamed North Korea for a massive "careless and reckless" ransomware attack.

President Donald Trump's Homeland Security Advisor Tom Bossert told reporters that in addition to fellow governments, including the United Kingdom, Australia, Canada, New Zealand and Japan, industry leaders including Microsoft have agreed North Korea's "cyber affiliates" are responsible for the WannaCry attack.

Bossert specifically blamed Pyongyang's senior leadership for the attack, saying "everything that happens in North Korea happens with and by the direction of their leadership.

"North Korea has acted especially badly, largely unchecked for more than a decade," he said. "This malicious behavior is growing more egregious, and stopping that malicious behavior starts with this step of accountability."

WannaCry affected hundreds of thousands of Microsoft operating system computers in more than 150 countries, holding files hostage unless users paid hundreds of dollars in bitcoin to have them unencrypted. In addition to regular users, the attack affected major businesses, causing major financial damages to American courier FedEx, Spanish telecom Telefonica, and crippling operations at a series of health care providers, including Britain's National Health Service.

The attack came to a halt when British hacker Marcus Hutchins discovered a "kill switch" within the malware that could be used to shut down its operations.

WannaCry used a security exploit stolen from the National Security Agency (NSA). The NSA did not report the security flaw to Microsoft, and the company later blamed the agency for "stockpiling" vulnerabilities it could use for its cyber activities.

"This attack provides yet another example of why the stockpiling of vulnerabilities by governments is such a problem," Microsoft President Brad Smith wrote in a company blog post in May. "We have seen vulnerabilities stored by the CIA show up on WikiLeaks, and now this vulnerability stolen from the NSA has affected customers around the world."

Bossert denied the NSA has any responsibility for the attack, but acknowledged the "U.S. government needs to better protect its tools."