(Adds background on WannaCry attack)
By Dustin Volz
WASHINGTON, Dec 18 (Reuters) – The Trump administration is expected on Tuesday to publicly blame North Korea for unleashing a cyber attack that crippled hospitals, banks and other companies across the globe earlier this year, said two sources familiar with the matter.
The accusation that the North Korean government was behind the so-called WannaCry attack comes as worries mount about North Korea’s hacking capabilities and its nuclear weapons program.
The U.S. government has assessed with a “very high level of confidence” that a hacking entity known as Lazarus Group, which works on behalf of the North Korean government, carried out the WannaCry attack, a senior administration official said. The official spoke on condition of anonymity to discuss details not yet public.
The White House did not immediately respond to a request for comment.
The public condemnation will not include any indictments or name specific individuals, the official said. But the shaming is designed to hold North Korea accountable for its actions and “erode and undercut their ability to launch attacks,” the official said.
North Korean government representatives could not be immediately reached for comment. The country has repeatedly denied responsibility for WannaCry and called other allegations about cyber attacks a smear campaign.
Lazarus Group is widely believed by security researchers and U.S. officials to have been responsible for the 2014 hack of Sony Pictures Entertainment, which destroyed files, leaked corporate communications online and led to the departure of several top studio executives.
Sony also suspended release of a comedy film that portrayed North Korea’s ruler, Kim Jong Un, because of threats issued by the hackers.
Then-U.S. President Barack Obama condemned Pyongyang for the Sony hack, vowing at the time to “respond proportionally.” No indictments have been brought in the Sony case.
Many security researchers, including the cyber firm Symantec , as well as the British government, have already concluded that North Korea was likely behind the WannaCry attack, which quickly unfurled across the globe in May to infect more than 300,000 computers in 150 countries.
Considered unprecedented in scale at the time, WannaCry knocked British hospitals offline, forcing thousands of patients to reschedule appointments and disrupted infrastructure and businesses around the world.
The attack originally looked like a ransomware campaign, where hackers encrypt a targeted computer and demand payment to recover files. Some experts later concluded the ransom threat may have been a distraction intended to disguise a more destructive intent.
FedEx’s computer networks were among the most heavily hit. The international shipper said in September it expected to sustain a $300 million profit hit as a result of the attack.
‘PATTERN OF NORTH KOREA MISBEHAVING’
Some researchers have said they believed WannaCry was deployed accidentally by North Korea as hackers were developing the code. The senior administration official declined to comment about whether U.S. intelligence was able to discern if the attack was deliberate.
“What we see is a continued pattern of North Korea misbehaving, whether destructive cyber attacks, hacking for financial gain, or targeting infrastructure around the globe,” the official said.
Tuesday’s announcement will cap a year of heightened tensions between the United States and North Korea. Earlier this month, North Korea said it had successfully tested a breakthrough intercontinental ballistic missile that could place the entire U.S. mainland within range of its nuclear weapons. (Reporting by Dustin Volz; Editing by Jonathan Weber and Peter Cooney)