White House Blames North Korea for WannaCry Attacks

White House Blames North Korea for WannaCry Attacks

The White House has publicly blamed North Korea for the WannaCry ransomware attack earlier this year that locked more than 300,000 computers in 150 countries.

  • By Jessica Davis
  • Dec 20, 2017

The White House has publicly blamed North Korea for the WannaCry ransomware attack earlier this year that locked more than 300,000 computers in 150 countries. White House Homeland Security Advisor Tom Bossert said Tuesday that the attack was ordered by North Korean leader Kim Jong Un.

Bossert formally announced the blame in an op-ed in the Wall Street Journal on Monday night and followed the statement with a White House press conference Tuesday. At the press conference, Bossert said that other nations, including Australia, Canada, Japan and the United Kingdom as well as private sector partners including Microsoft had agreed with the U.S. assessment that North Korea was responsible for the attack, which was “widespread and cost billions”.

“We do not make this allegation lightly. We do this with evidence. We do so with partners,” Bossert said.

The WannaCry attack was considered unprecedented in scale at the time, locking computers at hospitals, universities and businesses and demanding ransom payments and deletion of victims’ data if they didn’t pay. The ransomware was made possible by a flaw in Windows software that was discovered by the U.S. National Security Agency and made publicly available online in an NSA security breach.

Security researchers believe the notorious North Korean hacking entity known as Lazarus Group carried out the attack on behalf of the North Korean government. Bossert said the goal of the announcement was to “name and shame” the North Korean actors.

“North Korea has acted especially badly, largely unchecked, for more than a decade, and its malicious behavior is growing more egregious,” Bossert said. “WannaCry was indiscriminately reckless.”

The attribution represents a move by the Trump administration to work against malicious cyber activity. Last month, the White House published a document about its Vulnerabilities Equities Process in an effort to increase transparency about how it decides whether and when to disclose cybersecurity flaws.

“Stopping malicious behavior like this starts with accountability,” Bossert said. “It also requires governments and businesses to cooperate to mitigate cyber risk and increase the cost to hackers. The U.S. must lead this effort, rallying allies and responsible tech companies throughout the free world to increase the security and resilience of the internet.”

North Korea has repeatedly denied responsibility for WannaCry and called other allegations about cyberattacks a smear campaign. The White House’s accusation comes as worries increase about North Korea’s hacking abilities and nuclear weapons program.

About the Author

Jessica Davis is the Associate Content Editor for 1105 Media.

Featured

  • New Report Reveals Top Trends Transforming Access Controller Technology

    Mercury Security, a provider in access control hardware and open platform solutions, has published its Trends in Access Controllers Report, based on a survey of over 450 security professionals across North America and Europe. The findings highlight the controller’s vital role in a physical access control system (PACS), where the device not only enforces access policies but also connects with readers to verify user credentials—ranging from ID badges to biometrics and mobile identities. With 72% of respondents identifying the controller as a critical or important factor in PACS design, the report underscores how the choice of controller platform has become a strategic decision for today’s security leaders. Read Now

  • Overwhelming Majority of CISOs Anticipate Surge in Cyber Attacks Over the Next Three Years

    An overwhelming 98% of chief information security officers (CISOs) expect a surge in cyber attacks over the next three years as organizations face an increasingly complex and artificial intelligence (AI)-driven digital threat landscape. This is according to new research conducted among 300 CISOs, chief information officers (CIOs), and senior IT professionals by CSC1, the leading provider of enterprise-class domain and domain name system (DNS) security. Read Now

  • ASIS International Introduces New ANSI-Approved Investigations Standard

    • Guard Services

  • Cloud Security Alliance Brings AI-Assisted Auditing to Cloud Computing

    The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications, and best practices to help ensure a secure cloud computing environment, today introduced an innovative addition to its suite of Security, Trust, Assurance and Risk (STAR) Registry assessments with the launch of Valid-AI-ted, an AI-powered, automated validation system. The new tool provides an automated quality check of assurance information of STAR Level 1 self-assessments using state-of-the-art LLM technology. Read Now

  • Report: Nearly 1 in 5 Healthcare Leaders Say Cyberattacks Have Impacted Patient Care

    Omega Systems, a provider of managed IT and security services, today released new research that reveals the growing impact of cybersecurity challenges on leading healthcare organizations and patient safety. According to the 2025 Healthcare IT Landscape Report, 19% of healthcare leaders say a cyberattack has already disrupted patient care, and more than half (52%) believe a fatal cyber-related incident is inevitable within the next five years. Read Now

Most   Popular

New Products

  • FEP GameChanger

    FEP GameChanger

    Paige Datacom Solutions Introduces Important and Innovative Cabling Products GameChanger Cable, a proven and patented solution that significantly exceeds the reach of traditional category cable will now have a FEP/FEP construction.

  • ResponderLink

    ResponderLink

    Shooter Detection Systems (SDS), an Alarm.com company and a global leader in gunshot detection solutions, has introduced ResponderLink, a groundbreaking new 911 notification service for gunshot events. ResponderLink completes the circle from detection to 911 notification to first responder awareness, giving law enforcement enhanced situational intelligence they urgently need to save lives. Integrating SDS’s proven gunshot detection system with Noonlight’s SendPolice platform, ResponderLink is the first solution to automatically deliver real-time gunshot detection data to 911 call centers and first responders. When shots are detected, the 911 dispatching center, also known as the Public Safety Answering Point or PSAP, is contacted based on the gunfire location, enabling faster initiation of life-saving emergency protocols.

  • EasyGate SPT and SPD

    EasyGate SPT SPD

    Security solutions do not have to be ordinary, let alone unattractive. Having renewed their best-selling speed gates, Cominfo has once again demonstrated their Art of Security philosophy in practice — and confirmed their position as an industry-leading manufacturers of premium speed gates and turnstiles.