The WannaCry attack, the official said, "demonstrates the importance of basic cyber hygiene, including keeping systems patched and up to date, as well as the need for strong cooperation between public and private sectors to share information, prevent and mitigate cyber threats". He wrote that while North Korean cyberattacks have been going on "largely unchecked" for about a decade, such activity has grown "more egregious" and WannaCry was "indiscriminately reckless".
"After careful investigation, the United States is publicly attributing the massive "WannaCry" cyberattack to North Korea", said White House homeland security advisor Tom Bossert.
Bossert-who cut his teeth in the Bush administration and was the victim of an email phishing attack this August-stated that evidence compiled by DHS had been reviewed by allied nations such as the United Kingdom, Canada, and Japan, which had agreed with the United State's assessment of North Korea's culpability.
"North Korea has done everything wrong as an actor on the global stage that a country can do", he told reporters Tuesday during a White House briefing.
Bossert said Microsoft and Facebook and other major tech companies acted to disable a number of North Korean cyber exploits and disrupt their operations as the North Koreans were still infecting computers across the globe. "And so we don't have a lot of room left here to apply pressure to change their behavior".
It follows a pattern of disruptive and harmful cyber activity by the reclusive country, whose leader, Kim Jong Un has pushed the development of hacker forces as a low-priced, high-impact tool that can rattle the nerves and damage the systems of larger, more powerful nations.
"We make it way to easy for attackers by operating independently", she told reporters.
The National Security Agency linked North Korea to the worm's creation in June.
He said North Korean hackers were still at work last week, and were shut down by a retaliatory response by the US and others. "It gives them something else to bring to the table". Until now, the US hadn't publicly named Pyongyang as being behind the attack.
But DHS declined to share details on its own strategies, if any exist, to prevent a similar attack from being carried out by a hostile nation-state in the future, claiming the goal of the announcement was to call out North Korea publicly for its actions.
While North Korea allows internet access to only a small portion of its population, it began to train its techno soldiers in the early 1990s, according to South Korea's Defense Security Command.