North Korea Suspected as Responsible for WannaCry Attack

According to the homeland security adviser to the White House, Tom Bossert, international blame for the global WannaCry attack is being directed toward North Korea. Responsibility for the attack that spanned from May 12th to the 15th of 2017 has been firmly placed on the Democratic People’s Republic of Korea, which Bossert says is in agreement with the conclusions of Australia, Canada, Japan and New Zealand.

Bossert wrote an opinion-editorial piece for The Wall Street Journal that said:

“We do not make this allegation lightly. It is based on evidence. We are not alone with our findings, either. Other governments and private companies agree. The United Kingdom attributes the attack to North Korea, and Microsoft traced the attack to cyber affiliates of the North Korean government.”

This isn’t exactly news, as it only took a month after the attack to associate WannaCry with a North Korean hacking group named Lazarus.

Thanks to the efforts of another hacking group, the National Security Agency lost EternalBlue, an exploit that took advantage of a critical flaw in Windows Server Message Block. WannaCry took advantage of the EternalBlue exploit to launch a worldwide malware campaign in April of 2017, infecting thousands and causing healthcare providers to shut their doors.

In response, Facebook and Microsoft formed a partnership to help fight off any future attacks like WannaCry. While they will hopefully never need to take action, it is a good thing they are preparing. Bossert has stated that North Korea has shifted its focus away from nuclear threats, turning its attention instead towards cyberwarfare to fund their other initiatives and terrorize the world.

So why should this matter to your business?

Simply put, these actions should light a fire and push you to ensure that you have a comprehensive security plan in place for your business. While most governments have staggering resources at their disposal, the proper preparations might help you to avoid at least some of the damage.

Texas Professional IT Services LLC is here to assist you as you make those preparations. Call (832) 514-6260 to learn more.