In the article titled, "It's Official: North Korea Is Behind WannaCry," Bossert points the finger at North Korea for being behind the cybercrime in which millions of users' computer data was encrypted and then ransomed for bitcoins. The attack slowed down after a mistake in WannaCry's code revealed a kill switch that prevented infected computers from spreading the virus.
"Cybersecurity isn't easy, but simple principles still apply. Accountability is one, cooperation another," Bossert wrote in his article. "They are the cornerstones of security and resilience in any society. In furtherance of both, and after careful investigation, the US today publicly attributes the massive ‘WannaCry' cyber attack to North Korea."
In a White House press briefing Tuesday morning, Bossert claimed that the US came to this conclusion after a "careful investigation."
"We don't do this lightly," Bossert said during the briefing. "We do so with evidence and with partners," adding that Canada, New Zealand, Japan, Australia and the United Kingdom all agree that North Korea is responsible.
"While victims received ransom demands, paying did not unlock their computers," the homeland security adviser wrote. "It was cowardly, costly and careless. The attack was widespread and cost billions, and North Korea is directly responsible."
On Radio Sputnik's Loud & Clear, financial policy analyst Daniel Sankey asserted his belief that North Korea is not behind the cyberattack.
"I'm a little suspicious myself. The drums of war have been beaten against [North Korea] for some time now and it's very convenient that now this severe cyberattack is being laid against the doors of North Korea," Sankey told hosts John Kiriakou and Brian Becker.
"And of course, as usual, we can take the intelligence community's word for it because they know better than us and they published it in the Wall Street Journal — so it must be North Korea," he added sarcastically.
"I am a little skeptical because a big part of the virus was extorting various users to send bitcoin in exchange for access to their files again. In the end, they stole about $55,000 in bitcoin and that's not enough money for North Korea to trouble itself with," Sankey said.
"Also, what is North Korea going to do with bitcoin? They need commodities, they need cash, they need access to different markets. They don't need bitcoin. How are they going to turn that into oil or coal or various other things they need? How are they going to convert that into a convertible currency? It's really not feasible."
Although Bossert said that the US did "not make the allegation lightly," he didn't provide any solid evidence and simply alluded to National Security Agency and Microsoft research. He also referred to the UK's determination in October that North Korea was responsible for the attack.
In May, security firms discovered a link between the ransomware and southern China during an investigation of the code's notes, which revealed that WannaCry's creators were fluent in a form of Chinese very common in that region.
According to security firm Flashpoint, which conducted the analysis, "A typo in the note, "帮组" (bang zu) instead of "帮助" (bang zhu) meaning "help," strongly indicates the note was written using a Chinese-language input system rather than being translated from a different version. More generally, the note makes use of proper grammar, punctuation, syntax, and character choice, indicating the writer was likely native or at least fluent."
Although the linguistic analysis of the code did not reveal any Korean, the US has still confidently asserted that North Korea is responsible, and Sankey believes it's because the underlying problem behind the attacks actually has nothing to do with the hackers but with intelligence communities, who may be actually be responsible for the crimes.
"I think that the real problem is that intelligence communities are becoming aware of vulnerabilities in these systems, and rather than working with the private sector to protect consumers and peoples' data, they are just sitting on those vulnerabilities so that they can use them later to hack systems."
In his editorial, Bossert concludes, "Mr. Trump has already pulled many levers of pressure to address North Korea's unacceptable nuclear and missile developments, and we will continue to use out maximum pressure strategy to curb Pyongyang's ability to mount attacks, cyber or otherwise."
With the Trump administration's increased use of aggressive language against North Korea's continued nuclear weapon tests and with this new allegation that the country is responsible for WannaCry, it doesn't appear that the relationship between the two is going to be getting better anytime soon.
