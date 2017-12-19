The U.S. is publicly attributing the WannaCry attack to North Korea, White House homeland security adviser Tom Bossert told reporters Tuesday at a briefing at the White House.

“Today took us awhile,” he said of the announcement, but “we believe we now have the evidence to support the assertion.”

Canada, New Zealand and Japan have seen the Homeland Security Department’s analysis and agree with the U.S. conclusion, Bossert disclosed. He said that the U.S. “looked not only at operational infrastructure, but [also] tradecraft and routine used in past attacks.” He went on to talk about the vulnerabilities that exits in commercial software that are discovered by the government. Ninety percent of the time, he said, the U.S. shares the information about the vulnerability with the company, thus helping companies to improve their products and help prevent their customers from being victimized by hackers. The vulnerabilities the government doesn’t share it keeps “for very specific purposes.”

Microsoft, he pointed out, acted to disrupt North Korean hackers. It created a patch for the software vulnerability. Facebook shut down accounts associated with the hackers.

The Monday announcement that North Korea is behind the WannaCry cyberattack that plagued multiple industries earlier this year — including hospitals, financial systems and other companies — came in an op-ed published in the Wall Street Journal. Bossert wrote that “the attack was widespread and cost billions, and North Korea is directly responsible.”

The hackers took advantage of a vulnerability in Microsoft, forcing the shutdown of businesses in 150 countries around the world by encrypting files to make them inaccessible until victims paid a ransom of $300. But Bossert suggested that raising money was not the main purpose of the hack. That assumption is based on what targets of the attack reported — that most of them didn’t pay, and those who did promptly found that their computers weren’t unlocked. They then informed others that paying wouldn’t end the hack.

Bossert goes on to say: “[WannaCry] encrypted and rendered useless hundreds of thousands of computers … while victims received ransom demands, paying did not unlock their computers. It was cowardly, costly, and careless.”

Asked Tuesday if the U.S. was slow to act, Bossert said, “We took a lot of time to look through classified and sensitive information.” The U.S. was able to make a “confident” attribution. “We can’t get it wrong. We can’t rush it,” he said.

He conceded, ‘We got lucky. In the U.S. we were well-prepared.” And he pointed out that there had been a programmer who was sophisticated, noticed the kill switch and acted to kill it.

Bossert also noted that the North used intermediaries to carry out the attacks.