Last Updated Dec 19, 2017 9:43 AM EST
The U.S. is publicly attributing the WannaCry attack to North Korea, White House homeland security adviser Tom Bossert told reporters Tuesday at a briefing at the White House.
Canada, New Zealand and Japan have seen the analysis and agree with the U.S. conclusion, he also said. He also told reporters that the U.S. is leading the effort to improve cyber security.
“Today took us awhile,” he said of the announcement, but “we believe we now have the evidence to support the assertion.”
Microsoft, he pointed out, acted to disrupt North Korean hackers. They shut down accounts.
Bossert announced Monday that North Korea is behind the WannaCry cyberattack that plagued multiple industries earlier this year — including hospitals, financial systems and other companies in an op-ed published Monday night in the Wall Street Journal. Bossert wrote that “the attack was widespread and cost billions, and North Korea is directly responsible.”
The hackers took advantage of a vulnerability in Microsoft, forcing the shutdown of businesses around the world by encrypting files to make them inaccessible until a ransom of $300 was paid. Bossert suggested that raising money was not the main purpose of the hack. That assumption is based on what targets of the attack reported — that most of them didn’t pay, and those who did promptly found that their computers weren’t unlocked. They then informed others that paying wouldn’t end the hack.
Bossert goes on to say: “[WannaCry] encrypted and rendered useless hundreds of thousands of computers … while victims received ransom demands, paying did not unlock their computers. It was cowardly, costly, and careless.”
Also in the op-ed, Bossert said the allegation that North Korea is the culprit wasn’t made lightly, and is based on evidence.
Asked if the U.S. was slow to act, Bossert said, “We took a lot of time to look through classified and sensitive information.” The U.S. was able to make a “confident” attribution. “We can’t get it wrong. We can’t rush it,” he said.
He conceded, ‘We got lucky. In the U.S. we were well-prepared.” And he pointed out that there had been a programmer who was sophisticated, noticed the kill switch and acted to kill it.
Bossert also noted that the North used intermediaries to carry out the attacks.
© 2017 CBS Interactive Inc. All Rights Reserved.