Microsoft, Facebook disrupted activities of North Korean hackers: White House

Washington: American tech giants Microsoft and Facebook acted recently on their own to disrupt the activities of North Korean hackers and prevent the operational execution of ongoing cyberattacks in the US, the White House said today.

White House Homeland Security Advisor Tom Bossert said US President Donald Trump had rallied allies and responsible tech companies around the world to increase the security and resilience of the Internet.

“Cooperation between industry and good governments will bring improved security, and we can no longer afford to wait,” he said.

“We applaud our corporate partners, Microsoft and Facebook especially, for acting on their own initiative last week without any direction by the US government or coordination to disrupt the activities of North Korean hackers. Microsoft acted before the attack in ways that spared many US targets,” he said.

Bossert said Microsoft and Facebook and other major tech companies acted to disable a number of North Korean cyber exploits and disrupt their operations as the North Koreans were still infecting computers across the globe.

“They shut down accounts the North Korean regime hackers used to launch attacks and patched systems,” he said.

North Korea has done everything wrong as an actor on the global stage that a country can do, he added.

Bossert said US Trump had used “just about every lever you can use, short of starving the people of North Korea to death, to change their behaviour”.

“So we don’t have a lot of room left here to apply pressure to change their behaviour. It’s, nevertheless, important to call them out to let them know that it’s them and we know it’s them,” he said.

“At this point, some of the benefit that come from this attribution is letting them know that we’re going to move to stop their behaviour,” he said.

It also allows the US to galvanise the private sector, he said, adding that in this case, the private sector also acted.

Facebook took down accounts that stopped the operational execution of ongoing cyberattacks. And Microsoft acted to patch existing attacks, not just the WannaCry attack initially, he said.

“So this is allowing us to call on all likeminded and good, responsible companies to stop supporting North Korean hackers, whether they’re operating in North Korea or elsewhere,” Bossert said.

He said it’s also an opportunity to call on the other countries in the region that were affected to mobilise them to stop that same behaviour.

“Often, North Koreans can travel outside of North Korea to hack, or they can rely on people outside of the country with better access to the Internet to carry out this malicious activity. And we need other countries, not just other companies, to work with us,” he added.