1. Skip to content
  2. Skip to main menu
  3. Skip to more DW sites

US and UK blame North Korea for WannaCry cyberattack

December 19, 2017

The UK has joined the US in publicly blaming North Korea for the devastating WannaCry hacking attack earlier this year. The cyberattack took down computer systems in 150 countries and caused widespread chaos.

https://p.dw.com/p/2pbkD
Employees watch electronic boards to monitor possible ransomware cyberattacks at the Korea Internet and Security Agency in Seoul, South Korea
Image: picture alliance/AP Photo/Y.Dong-jin

The United Kingdom's foreign office has joined US homeland security in its conclusion that North Korea was responsible for the massive WannaCry ransomware attack earlier this year.

A statement by UK foreign office minister Nazir Ahmed echoed prior accusations levelled by US homeland security adviser Tom Bossert in a Wall Street Journal op-ed , in which he wrote that North Korea was "directly responsible" for May's ransomware attack and that Pyongyang would be held accountable. Bossert said the finding was based on evidence and that it had been confirmed by other governments and private companies, including the UK and Microsoft.

Read more: North Korea link to WannaCry ransomware 'highly likely'

He said the Trump administration would continue to use its "maximum pressure strategy to curb Pyongyang's ability to mount attacks, cyber or otherwise."

A senior US administration official told the Reuters news agency that the White House would issue a formal statement of blame on Tuesday. The official said they had a "very high level of confidence" that hacking outfit Lazarus Group carried out the attack on behalf of the North Korean government.

After concurring that it was "highly likely" Pyongyang was behind the attack, the UK's Nazir Ahmed added: "We condemn these actions and commit ourselves to working with all responsible states to combat destructive criminal use of cyberspace. The indiscriminate use of WannaCry demonstrates North Korean actors using their cyber program to circumvent sanctions."

Read more: North Korea 'hacked US-South Korea war plans'

Global systems crippled

The May attack infected hundreds of thousands of computers around the world and crippled hospitals, banks and other companies. Parts of Britain's National Health Service were shut down by the attack, while companies such as FedEx said they had incurred losses in the hundreds of millions of dollars.

Independent research groups have previously attributed the attack to North Korea. The attack originally looked like a standard ransomware intrusion, but researchers believe that was a ruse to disguise a more malicious intent.

The attack exploited a Windows vulnerability that was originally developed by the US National Security Agency, but was released in a stolen cache of NSA cyberweapons by hacking group known as the Shadow Brokers.

Read more: Why it's 'hard to protect yourself' online

Lazarus Group has in the past been accused of being responsible for the 2014 hack of Sony Pictures Entertainment that destroyed files, leaked corporate communications and led to the departure of top studio executives.

aw/cmk (AP, Reuters)