Homeland Security Adviser Pins Wannacry Attack On North Korea In Wall Street Journal Op-Ed

from the so-that's-the-way-we're-doing-things-now dept

With politically-expeditious timing, Homeland Security Advisor Tom Bossert has pinned the Wannacry attacks on North Korea. The delivery method for the news was odd as well: a "commentary" piece in the Wall Street Journal's op-ed pages.

Cybersecurity isn’t easy, but simple principles still apply. Accountability is one, cooperation another. They are the cornerstones of security and resilience in any society. In furtherance of both, and after careful investigation, the U.S. today publicly attributes the massive “WannaCry” cyberattack to North Korea.

The attack spread indiscriminately across the world in May. It encrypted and rendered useless hundreds of thousands of computers in hospitals, schools, businesses and homes. While victims received ransom demands, paying did not unlock their computers. It was cowardly, costly and careless. The attack was widespread and cost billions, and North Korea is directly responsible.

We do not make this allegation lightly. It is based on evidence. We are not alone with our findings, either. Other governments and private companies agree. The United Kingdom attributes the attack to North Korea, and Microsoft traced the attack to cyber affiliates of the North Korean government.

While it's nice to hear this is "based on evidence" and that a "careful investigation" was performed, the op-ed piece still raises questions. Attribution is always difficult, but there seems to be info missing.

Wannacry was ransomware, but nowhere in Bossert's piece is there any indication North Korea turned a profit. The article says Wanncry "cost" billions, but it doesn't say anything about North Korea suddenly being awash in illicitly-obtained cash.

Also glossed over in Bossert's tough-talking attribution announcement/cybersecurity muscle flexing is the original source of the Wannacry ransomware: purloined NSA exploits. There are all kinds of problems with Bossert's announcement, as Marcy Wheeler points out:

The guy who — well after it was broadly known to be wrong — officially claimed WannaCry was spread by phishing is now offering this as his evidence that North Korea is the culprit:

We do not make this allegation lightly. It is based on evidence.

A representative of the government whose tools created this attack, said this without irony.

The U.S. must lead this effort, rallying allies and responsible tech companies throughout the free world to increase the security and resilience of the internet.

And the guy whose boss has, twice in the last week, made googly eyes at Vladimir Putin said this as if he could do so credibly.

As we make the internet safer, we will continue to hold accountable those who harm or threaten us, whether they act alone or on behalf of criminal organizations or hostile nations.

None of this necessarily adds up to the US government pinning the attacks on the wrong entity, but given the pedigree of the mouthpiece and the administration's desire to minimize reports of Russian government-directed cyberattacks, pinning this on the President's favorite Twitter punching bag (MSM notwithstanding) seems more convenient than accurate.

Even if it's 100% accurate, there had to have been better ways to deliver this news than with a threat of actual, physical war appended. Bossert's piece -- after glossing over the NSA's inadvertent contribution to the worldwide ransomware attack and throwing some shade at the previous administration -- wraps everything up with this:

As for North Korea, it continues to threaten America, Europe and the rest of the world—and not just with its nuclear aspirations. It is increasingly using cyberattacks to fund its reckless behavior and cause disruption across the world. Mr. Trump has already pulled many levers of pressure to address North Korea’s unacceptable nuclear and missile developments, and we will continue to use our maximum pressure strategy to curb Pyongyang’s ability to mount attacks, cyber or otherwise.

Using cyberattacks as an excuse for IRL attacks is a scary idea. The Trump Administration seems willing to draw down on North Korea at any moment, which isn't good news for anyone anywhere in the world. And it follows the newly-minted tradition established by the Obama Administration: mixing and matching war metaphors to treat cyberattacks like Pearl Harbor.

Filed Under: attribution, north korea, ransomeware, tom bossert, wannacry


Reader Comments

Subscribe: RSS

View by: Time | Thread


  • icon
    An Onymous Coward (profile), 20 Dec 2017 @ 1:33pm

    And so the generic public demonizing begins. When will we see anti-North Korea posters resembling those of the Japanese from WWII start to appear in public spaces? Gotta drum up that anti-NK sentiment for public approval to drop a bomb on 'em.

    reply to this | link to this | view in chronology ]

    • icon
      Stephen T. Stone (profile), 20 Dec 2017 @ 1:54pm

      Re:

      Posters? Please. That shit is last century. We spread propaganda through Internet memes these days.

      And now I wonder when we’ll see the first anti-NK Loss.jpg edit.

      reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 20 Dec 2017 @ 1:37pm

    Anybody taking bets on the true source being disgruntled NSA employee or contractor trying to build an early retirement fund?

    reply to this | link to this | view in chronology ]

  • identicon
    ANON, 20 Dec 2017 @ 2:30pm

    Isn't this...

    Isn't this the same government that tried to pin the Sony attack on NK for the movie "The Interview", when it was obviously the work of disgruntled/laid off sys admins from Sony?

    Almost like they have a deep-seated need to blame NK for everything and anything.

    reply to this | link to this | view in chronology ]

  • icon
    Uriel-238 (profile), 20 Dec 2017 @ 2:32pm

    Does it even matter where the Wannacry attacks came from?

    They exploits used in Wannacry were preserved by the CIA (meaning they weren't published and fixed) so that the CIA could use them.

    When one country hijacks and uses another country's illegal weapon we still blame the origin country for creating the illegal weapon in the first place.

    Then we concern ourselves with what the hijacking country did.

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 20 Dec 2017 @ 2:34pm

    Trust us. We've never invaded a country based on flimsy evidence before.

    reply to this | link to this | view in chronology ]

  • icon
    orbitalinsertion (profile), 20 Dec 2017 @ 3:18pm

    1. Things are so bad, we need to continue ratcheting up tensions with North Korea simply to fuel a distraction.

    2. This generates another handy occasion to have a go at "industry" for "security" to prod them to do what authoritarians in government want (work with them under the table, hand over data, compromise products, make questionable new "security efforts", backdoor encryption, etc.) instead of suggesting they ever write better code, make less insanely insecure products, or exercise ancient, basic security measures in their networked systems.

    And a good time was had by all.

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 20 Dec 2017 @ 3:37pm

    Seems the present administration is eager to start a war with anyone, including their own constituents. Talk about a loose cannon.

    reply to this | link to this | view in chronology ]

  • icon
    Mason Wheeler (profile), 20 Dec 2017 @ 3:42pm

    The article says Wanncry "cost" billions, but it doesn't say anything about North Korea suddenly being awash in illicitly-obtained cash.

    There's more than one meaning of "cost," you know. Especially in the context of an attack or natural disaster that inflicts damage.

    reply to this | link to this | view in chronology ]

  • icon
    ECA (profile), 20 Dec 2017 @ 4:24pm

    OP-ED

    OPINIONATED EDITORIAL..

    Which of these 2 words, has NO MEANING??
    OPINION
    EDITORIAL

    reply to this | link to this | view in chronology ]

  • identicon
    Manok, 20 Dec 2017 @ 7:49pm

    *yawns*
    Ever since they went out of their way to present the world with evidence of Iraq's WMD's, whereas they knew it were lies...
    I guess I'm not the only one not even bothering to read what their evidence is this time around.

    reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 21 Dec 2017 @ 4:18am

      Re:

      Donald Rumsfeld sold Saddam Hussein tons of anthrax to use against Iran. That is a weapon of mass destruction.. tons of anthrax. The US new they had it now you can go research this yourself.

      reply to this | link to this | view in chronology ]

      • identicon
        Anonymous Coward, 21 Dec 2017 @ 10:48am

        Re: Re:

        and they used it all?
        where was it?

        yeah, they did find some old crap and destroyed it while damaging their health in doing so .... and now the VA says too fucking bad - you're on your own. Big orange turd says they knew what they were getting in to.

        They way we treat our vets is disgusting.

        reply to this | link to this | view in chronology ]

  • identicon
    Pixelation, 20 Dec 2017 @ 9:21pm

    Tom Bossert says...

    "These aren't the hacks you're looking for, move along."

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 21 Dec 2017 @ 4:08am

    Act of war now go nuke the scumbag. putin get out of our way.

    reply to this | link to this | view in chronology ]

  • icon
    Ed (profile), 21 Dec 2017 @ 2:03pm

    What happened to the "guy sitting on their bed who weighs 400 pounds."

    reply to this | link to this | view in chronology ]

  • icon
    Bergman (profile), 21 Dec 2017 @ 7:32pm

    IRL vs Online

    I dunno, I could totally get behind someone feeding those Card Services scammers a Hellfire missile or two from a drone.

    reply to this | link to this | view in chronology ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here



Subscribe to the Techdirt Daily newsletter




Comment Options:

  • Use markdown. Use plain text.
  • Remember name/email/url (set a cookie)

Close

Add A Reply

Have a Techdirt Account? Sign in now. Want one? Register here



Subscribe to the Techdirt Daily newsletter




Comment Options:

  • Use markdown. Use plain text.
  • Remember name/email/url (set a cookie)

Follow Techdirt
Techdirt Gear
Show Now: Takedown
Advertisement
Report this ad  |  Hide Techdirt ads
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Chat
Advertisement
Report this ad  |  Hide Techdirt ads
Recent Stories
Advertisement
Report this ad  |  Hide Techdirt ads

Close

Email This

This feature is only available to registered users. Register or sign in to use it.