The Trump administration is officially accusing North Korea of launching a crippling cyberattack that affected hundreds of thousands of computers across the globe earlier this year.
“The attack was widespread and cost billions,” homeland security advisor Tom Bossert wrote in an opinion piece in the Wall Street Journal Monday night.
Pyongyang has long been suspected of distributing a computer virus called WannaCry in May, which locked out users in at least 150 countries from access to files and other critical functions. Among the affected entities was U.S.-based shipping company FedEx, Spanish telecommunications firm Telefonica, and Britain’s National Health Service, which forced hospitals to cancel surgeries and divert ambulances to other facilities. The program demanded a ransom to unlock access to files stored on infected machines.
The WannaCry attack was eventually stopped by a British hacker who discovered a “kill switch” in the code that disabled the virus.
Pyongyang has been blamed for launching several cyberattacks in recent years, including the well-publicized 2014 attack on Sony Pictures Entertainment in retaliation for the company’s production of the satirical film The Interview, which depicts an assassination plot against North Korean leader Kim Jong Un.
“North Korea has acted especially badly, largely unchecked, for more than a decade, and its malicious behavior is growing more egregious,” Bossert wrote in the Wall Street Journal. Bossert vowed the U.S. “will continue to use our maximum pressure strategy to curb Pyongyang’s ability to mount attacks, cyber or otherwise.”
The computer virus used in the attack includes code developed by the National Security Agency that exploited Microsoft’s Windows operating system, and which was published on the Internet in April by a group called Shadowbrokers. Microsoft released a patch in March to protect systems from that vulnerability.