The United States government has now officially called out North Korea as the source behind this year’s widespread WannaCry cyberattacks. The government cites strong evidence from Microsoft’s tracing of the attack to cyber affiliates of the North Korean government and says the discovery is further supported by the international community – most notably, the U.K. There has been no disclosure as to how, or even if, government agencies or players in the global political arena plan to respond to the revelation. The U.S. government and other world governments have already placed increasing pressure and sanctions on the country’s government in response to a wide variety of issues over the past year and it isn’t immediately clear how effective those measures have been.
Among those reported infractions of North Korea considered to be most imminently threatening is the continuation of its controversial nuclear weapons program. However, while that threat may seem to be the most immediate, WannaCry has been severely damaging on the world stage. For those who may not recall, the ransomware called WannaCry took advantage of a Windows bug in order to effectively encrypt data on a given device before asking for large sums of money in order to gain access to that data. Of course, the data was not ever retrievable and many systems at hospitals, schools, and businesses were affected – in addition to the ransomware’s effect on individual’s and government-operated systems. Experts have also postulated that the attack was likely more focused on disruption and either destruction or theft of the data being ransomed. The cyber attack cost billions of dollars on a global scale and endangered people whose lives depended on medical equipment tied to those systems. In fact, in a world with a growing degree of connection and dependence on technology and interconnected systems, it could be argued that cyber attacks present a much greater threat than those posed by weapons themselves. That’s especially true since defense systems, weapons launch systems, power grids, and other critical services increasingly depend heavily on connectivity, increasing the risks associated with malware of all types.
North Korea, for its part, has repeatedly denied accountability for the cyber attack over the months since it was begun back in May, despite that several countries and independent organizations have concluded otherwise. However, even as Microsoft places the blame squarely on North Korea, with regard to the attack itself, the company has also been vocal about the fact that the attack was made possible due to the U.S. National Security Agency’s (NSA) initial withholding of information about the Windows exploit used in the attack. As reported early this year, it was at least partially because of an NSA hacking tool built around the exploit which leaked and was retooled that WannaCry was able to be spread. In the meantime, it remains to be seen how this new accusation will impact the already tense relations between the two countries.