Homeland Security Adviser Pins Wannacry Attack On North Korea In Wall Street Journal Op-Ed
from the so-that's-the-way-we're-doing-things-now dept
With politically-expeditious timing, Homeland Security Advisor Tom Bossert has pinned the Wannacry attacks on North Korea. The delivery method for the news was odd as well: a "commentary" piece in the Wall Street Journal's op-ed pages.
Cybersecurity isn’t easy, but simple principles still apply. Accountability is one, cooperation another. They are the cornerstones of security and resilience in any society. In furtherance of both, and after careful investigation, the U.S. today publicly attributes the massive “WannaCry” cyberattack to North Korea.
The attack spread indiscriminately across the world in May. It encrypted and rendered useless hundreds of thousands of computers in hospitals, schools, businesses and homes. While victims received ransom demands, paying did not unlock their computers. It was cowardly, costly and careless. The attack was widespread and cost billions, and North Korea is directly responsible.
We do not make this allegation lightly. It is based on evidence. We are not alone with our findings, either. Other governments and private companies agree. The United Kingdom attributes the attack to North Korea, and Microsoft traced the attack to cyber affiliates of the North Korean government.
While it's nice to hear this is "based on evidence" and that a "careful investigation" was performed, the op-ed piece still raises questions. Attribution is always difficult, but there seems to be info missing.
Wannacry was ransomware, but nowhere in Bossert's piece is there any indication North Korea turned a profit. The article says Wanncry "cost" billions, but it doesn't say anything about North Korea suddenly being awash in illicitly-obtained cash.
Also glossed over in Bossert's tough-talking attribution announcement/cybersecurity muscle flexing is the original source of the Wannacry ransomware: purloined NSA exploits. There are all kinds of problems with Bossert's announcement, as Marcy Wheeler points out:
The guy who — well after it was broadly known to be wrong — officially claimed WannaCry was spread by phishing is now offering this as his evidence that North Korea is the culprit:
We do not make this allegation lightly. It is based on evidence.
A representative of the government whose tools created this attack, said this without irony.
The U.S. must lead this effort, rallying allies and responsible tech companies throughout the free world to increase the security and resilience of the internet.
And the guy whose boss has, twice in the last week, made googly eyes at Vladimir Putin said this as if he could do so credibly.
As we make the internet safer, we will continue to hold accountable those who harm or threaten us, whether they act alone or on behalf of criminal organizations or hostile nations.
None of this necessarily adds up to the US government pinning the attacks on the wrong entity, but given the pedigree of the mouthpiece and the administration's desire to minimize reports of Russian government-directed cyberattacks, pinning this on the President's favorite Twitter punching bag (MSM notwithstanding) seems more convenient than accurate.
Even if it's 100% accurate, there had to have been better ways to deliver this news than with a threat of actual, physical war appended. Bossert's piece -- after glossing over the NSA's inadvertent contribution to the worldwide ransomware attack and throwing some shade at the previous administration -- wraps everything up with this:
As for North Korea, it continues to threaten America, Europe and the rest of the world—and not just with its nuclear aspirations. It is increasingly using cyberattacks to fund its reckless behavior and cause disruption across the world. Mr. Trump has already pulled many levers of pressure to address North Korea’s unacceptable nuclear and missile developments, and we will continue to use our maximum pressure strategy to curb Pyongyang’s ability to mount attacks, cyber or otherwise.
Using cyberattacks as an excuse for IRL attacks is a scary idea. The Trump Administration seems willing to draw down on North Korea at any moment, which isn't good news for anyone anywhere in the world. And it follows the newly-minted tradition established by the Obama Administration: mixing and matching war metaphors to treat cyberattacks like Pearl Harbor.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: attribution, north korea, ransomeware, tom bossert, wannacry
Reader Comments
Subscribe: RSS
View by: Time | Thread
[ link to this | view in chronology ]
Re:
Posters? Please. That shit is last century. We spread propaganda through Internet memes these days.
And now I wonder when we’ll see the first anti-NK Loss.jpg edit.
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Isn't this...
Almost like they have a deep-seated need to blame NK for everything and anything.
[ link to this | view in chronology ]
Re: Isn't this...
[ link to this | view in chronology ]
Does it even matter where the Wannacry attacks came from?
They exploits used in Wannacry were preserved by the CIA (meaning they weren't published and fixed) so that the CIA could use them.
When one country hijacks and uses another country's illegal weapon we still blame the origin country for creating the illegal weapon in the first place.
Then we concern ourselves with what the hijacking country did.
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
2. This generates another handy occasion to have a go at "industry" for "security" to prod them to do what authoritarians in government want (work with them under the table, hand over data, compromise products, make questionable new "security efforts", backdoor encryption, etc.) instead of suggesting they ever write better code, make less insanely insecure products, or exercise ancient, basic security measures in their networked systems.
And a good time was had by all.
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re: Re:
The US wasn't really in the habit of starting wars until the Spanish-American war.
[ link to this | view in chronology ]
Re: Re:
[ link to this | view in chronology ]
There's more than one meaning of "cost," you know. Especially in the context of an attack or natural disaster that inflicts damage.
[ link to this | view in chronology ]
OP-ED
Which of these 2 words, has NO MEANING??
OPINION
EDITORIAL
[ link to this | view in chronology ]
Ever since they went out of their way to present the world with evidence of Iraq's WMD's, whereas they knew it were lies...
I guess I'm not the only one not even bothering to read what their evidence is this time around.
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re: Re:
where was it?
yeah, they did find some old crap and destroyed it while damaging their health in doing so .... and now the VA says too fucking bad - you're on your own. Big orange turd says they knew what they were getting in to.
They way we treat our vets is disgusting.
[ link to this | view in chronology ]
Tom Bossert says...
[ link to this | view in chronology ]
[ link to this | view in chronology ]
[ link to this | view in chronology ]
IRL vs Online
[ link to this | view in chronology ]