The White House has revealed that Microsoft and Facebook were responsible for disabling a number of North Korean cyber threats last week as the US government publicly denounced Pyongyang for its role in last year's WannaCry ransomware attacks (opens in new tab).
White House homeland security adviser, Tom Bossert offered more information on the role both companies played, saying:
“Facebook took down accounts that stopped the operational execution of ongoing cyber attacks and Microsoft acted to patch existing attacks, not just the WannaCry attack initially.”
Though Bossert did not provide any concrete details, he did stress that the US government is calling on more companies to aid in its cyber security defense.
Microsoft and Facebook have both been working independently disrupt the activities of the Lazarus Group (opens in new tab) which is thought to be responsible for the WannaCry ransomware attack that infected hundreds of thousands of computers in over 150 countries worldwide.
Microsoft's President Brad Smith highlighted that last week the company had disrupted the malware the group relies upon to carry out its attacks. Microsoft also removed the malware from its users' infected computers and “disabled accounts being used to pursue cyber attacks.” According to Smith, these actions were taken after the company has been consulted by several governments regarding the issue.
Facebook confirmed that it had deleted a number of accounts associated with the Lazarus Group “to make it harder for them to conduct their activities.” The accounts in question were fake personal accounts used to build relationships and gain information on potential targets.
Bossert explained why the US government chose to reveal that the Lazarus Group was behind the WannaCry attacks, saying:
“We don't have a lot of room left here to apply pressure to change their behaviour. It's nevertheless important to call them out, to let them know that it's them and we know it's them.”
Image Credit: Etereuti / Pixabay