Facebook and Microsoft blocked a number of cyberattacks from North Korea last week, White House Homeland Security Adviser Tom Bossert announced on Tuesday (Dec. 19).
According to news from Reuters, the government official also blamed North Korea for the WannaCry attack this past spring that brought down hundreds of thousands of computer systems around the globe, impacting 150 countries.
“Facebook took down accounts that stopped the operational execution of ongoing cyberattacks, and Microsoft acted to patch existing attacks, not just the WannaCry attack initially,” said Bossert. He didn’t provide details on the cybersecurity moves by Facebook or Microsoft but noted the government is calling upon other companies to help in pushing back against potential attacks.
According to Bossert, the WannaCry attack was “meant to cause havoc and destruction,” noting there’s not much more the U.S. can do to pressure the government of North Korea. “We don’t have a lot of room left here to apply pressure to change their behavior. It’s nevertheless important to call them out, to let them know that it’s them and we know it’s them,” he said.
During a press conference, Bossert said the U.S. government has clear proof North Korea was responsible for WannaCry but declined to share any evidence. A spokesperson for Facebook confirmed to Reuters last week that it deleted accounts that were tied to a North Korean hacking entity called Lazarus Group. Deleting the accounts, which were largely personal profiles operating as fake accounts to build relationships with their would-be targets, made it harder for them to carry out their attacks. Individuals who were in contact with the fake accounts were notified by Facebook.
Meanwhile, Microsoft President Bradford Smith said in a blog post that the company disrupted malware from Lazarus Group last week. The moves on the part of Microsoft were made after consultations with several governments, which he declined to identify.