Maybe you heard the news that the United States has now "officially blamed" North Korea for the spring 2017 outbreak of WannaCry ransomware.
It is also possible you wondered the same thing we did: what is the point of taking time to name the country, and the "Lazarus Group" the country backs, when others have already done so?
We reached out immediately to the Former Director of Operations at U.S. Cyber Command, Major General (Ret.) Brett Williams, for his perspective. And he spelled it out in plain English.
Three reasons the U.S. needed to blame North Korea for WannaCry
Here are three important reasons, according to Major General Wililams, that it makes sense for the U.S. to officially point to North Korea as the perpetrators of WannaCry instead of just letting the issue drop.
- "As hard as they are working on developing missiles that can reach the United States, they are working even harder on figuring out how to attack us in cyberspace."
- "Compared to deploying an effective ICBM capability, cyber attacks are cheaper, easier, and more difficult to attribute, so less likely to generate a retaliatory response."
- "The fact we are capable and willing to assign attribution for a cyber attack lets others know the U.S. does have the capability to identify those behind cyber attacks when we leverage our full intelligence capabilities."
Williams also says the fact North Korea is increasingly turning to cyber crime to generate income is a sign that sanctions against the country are working.
America's top 3 cyber threats explained
Williams, who is now CSO and President of Operations, Training and Security at IronNet Cybersecurity, says North Korea is on his list of top three cyber threats to the United States as we go into 2018. Here's his 2-minute interview:
The UK joined the U.S. in blaming North Korea and the Lazarus Group for the WannaCry attack. And it promised to fight back.
Says the UK's Foreign Office Minister for Cyber, Lord Ahmad: "International law applies online as it does offline. The United Kingdom is determined to identify, pursue, and respond to malicious cyber activity regardless of where it originates, imposing costs on those who wish to attack us in cyberspace."
