Trump administration formally blames North Korea for WannaCry. Now what?

Enlarge / WASHINGTON, DC - DECEMBER 19: Tom Bossert, White House homeland security advisor, and Jeanette Manfra, chief of cybersecurity for the Department of Homeland Security, brief reporters on the WannaCry cyberattack earlier this year, at the White House on December 19, 2017 in Washington, DC. The widespread attack, which plagued multiple industries in at least 150 countries and cost billions of dollars, was blamed squarely on North Korea by Bossert. (Photo by Mark Wilson/Getty Images) (credit: Mark Wilson/Getty Images)

The Trump administration has now officially blamed North Korea for the creation and spread of WannaCry, the cryptographic worm built on exploits stolen from the National Security Agency, that struck computers around the globe in May. White House National Security Advisor Tom Bossert made the assertion public in an op-ed published late Monday in The Wall Street Journal and in a press conference this morning. But there's little the US can actually do to North Korea in response.

"We do not make this allegation lightly," Bossert said. "It is based on evidence. We are not alone with our findings, either. Other governments and private companies agree. The United Kingdom attributes the attack to North Korea, and Microsoft traced the attack to cyber affiliates of the North Korean government."

The attribution is not a surprise. Security industry researchers and analysts for other governments (including the United Kingdom's GCHQ and Canada's Communications Security Establishment) have pointed the finger at North Korea as the most likely source of the attack for months. But Bossert told reporters that the White House wanted to be extremely careful before making a public attribution.