US blames DPRK for WannaCry, claims new threats countered

World
Europe

Facebook and Microsoft disabled a number of DPRK cyber threats last week, a White House official said on Tuesday, as the United States publicly blamed Pyongyang for a May cyber-attack that crippled hospitals, banks and other companies.

“Facebook took down accounts that stopped the operational execution of ongoing cyber-attacks and Microsoft acted to patch existing attacks, not just the WannaCry attack initially,” White House homeland security adviser Tom Bossert said on Tuesday.

Bossert did not provide details on the actions by the two American tech heavyweights but said the US government was calling on other companies to cooperate in cyber security defense.

A screenshot shows a WannaCry ransomware demand, provided by cyber security firm Symantec, in Mountain View, California, US on May 15, 2017. /Reuters Photo

Bossert’s remarks came during a White House news conference in which he blamed Pyongyang for the WannaCry attack that infected hundreds of thousands of computers in more than 150 countries, saying the US government had clear evidence that DPRK was responsible. He did not share that evidence.

A Facebook spokesman confirmed that the company last week deleted accounts associated with a DPRK-linked hacking entity known as Lazarus Group “to make it harder for them to conduct their activities.” They were mostly fake personal profiles that were used to build relationships with potential targets, the spokesman said.

Facebook said it also notified individuals in contact with these accounts.

The actions echoed similar steps the social media powerhouse took this year against suspected Russian accounts that Facebook said were used to promote divisive political messages during the 2016 US presidential election.

In a blog post, Microsoft President Brad Smith said the company last week disrupted malware that the Lazarus Group relied upon, cleaned customers’ infected computers and “disabled accounts being used to pursue cyber-attacks.” Smith said the steps were taken after consultation with several governments, which he did not identify, but Microsoft’s decision was independent.

The WannaCry attack was “meant to cause havoc and destruction,” Bossert said. He conceded there was little the United States could do to exert further pressure on Pyongyang.

“We don’t have a lot of room left here to apply pressure to change their behavior,” Bossert said. “It’s nevertheless important to call them out, to let them know that it’s them and we know it’s them.”

Britain and several private sector security researchers previously concluded that the DPRK was responsible for the attack. Bossert said other countries including Japan, Australia, New Zealand and Canada also agreed with the US conclusion.

Worries are mounting in Washington about the DPRK’s hacking capabilities and its weapons programs. The DPRK this month said it had successfully tested an intercontinental ballistic missile that could place the entire US mainland within range of its nuclear weapons.

11160km

Source(s): Reuters