Australian government points finger at North Korea over WannaCry

The Australian government has joined the White House in condemning North Korea over the WannaCry ransomware wave.

Only a small number of Australian businesses are known to have been affected by the WannaCry outbreak in May this year.

The Windows vulnerability exploited by WannaCry was among those found in tools believed to have been used by the US National Security Agency that were released in a Shadow Brokers dump in April. 

A joint statement released today by Prime Minister Malcolm Turnbull and foreign minister Julie Bishop said that the Australian government “condemns North Korea’s use of 'WannaCry' ransomware to attack businesses and public institutions around the world in June this year”.

“The 'WannaCry' attack showed the rapid, global damage cybercrime can cause to businesses and critical infrastructure,” the statement said.

“Based on advice from our intelligence agencies, and through consultations with our allies, we confirm that North Korea carried out the 'WannaCry' ransomware campaign.

“We condemn North Korea’s use of cybercrime which poses grave risk to the global economy and can have a devastating effect on government operations and services, business activity and the safety and welfare of individuals.”

In a press briefing White House homeland security advisor Tom Bossert announced that the US government “is publicly attributing the massive WannaCry cyberattack to North Korea.”

“We do not make this allegation lightly.  We do so with evidence, and we do so with partners.”

“Other governments and private companies agree,” Bossert said. “The United Kingdom, Australia, Canada, New Zealand, and Japan have seen our analysis, and they join us in denouncing North Korea for WannaCry.”

“Commercial partners have also acted. Microsoft traced the attack to cyber affiliates of the North Korean government, and others in the security community have contributed their analysis.”

“The UK’s National Cyber Security Centre assesses it is highly likely that North Korean actors known as the Lazarus Group were behind the WannaCry ransomware campaign – one of the most significant to hit the UK in terms of scale and disruption,” UK Foreign Office minister Tariq Ahmad said in a statement.

“We condemn these actions and commit ourselves to working with all responsible states to combat destructive criminal use of cyber space. The indiscriminate use of the WannaCry ransomware demonstrates North Korean actors using their cyber programme to circumvent sanctions.”

Australia’s government earlier this year unveiled its first International Cyber Engagement Strategy. The strategy argues that Australia and other nations have the right to develop so-called cyber weapons, but international laws still apply to “cyberspace.”

Turnbull has previously acknowledged that Australia possess an “offensive cyber capability”, housed within the Australian Signals Directorate.

Angus Taylor will take over responsibility for the cyber security portfolio as part of a ministerial reshuffle, the PM revealed yesterday.