Skip Navigation

Critical Infrastructure News

White House defends NSA, thanks Microsoft, Facebook for countering North Korean hackers

A top White House official on Tuesday personally thanked Microsoft and Facebook for helping counter North Korean hackers and said the National Security Agency was “not at all” at fault for this year’s infamous WannaCry ransomware incident.

Thomas Bossert, the president’s homeland security adviser, mentioned the two companies by name in a press conference on North Korea’s connections to WannaCry.

The Trump administration publicly attributed WannaCry to North Korea for the first time yesterday.

Security researchers have said the hackers behind the ransomware outbreak in May amplified its effects by using computer code from a leaked NSA hacking tool known as EternalBlue.

The briefing followed the publication Monday night of an editorial by Bossert in the Wall Street Journal that was the first time the Trump administration attributed the WannaCry outbreak to North Korea. Bossert broadly cited “evidence” without describing it outright.

Statements shared by Facebook and Microsoft with CyberScoop imply that the companies’ efforts against North Korean hackers came last week and were not directly related to WannaCry. Instead, they appear to have been more broadly focused on inhibiting North Korea’s ongoing cyber-espionage operations.

A Facebook spokesperson said the social network had moved to disable a number of accounts that it linked back to the predominant hacking group associated with North Korea, which is known to the security research community as the Lazarus Group. Facebook said the hackers were using these profiles to communicate with one another while also targeting specific individuals.

120 million households exposed in massive database leak

Information on more than 120 million American households was sitting in a massive database found left exposed on the web earlier this month, Forbes has been told. It included an extraordinary range of personal details on residents, including addresses, ethnicity, interests and hobbies, income, right down to what kind of mortgage the house was under and how many children lived at the property. In total, there were 248 different data fields for each household, according to the researcher who uncovered the leak data this week.

While there were no names exposed, Chris Vickery, a cybersecurity researcher from UpGuard, told Forbes it was simple to determine who the data was linked to, either by looking at the details or by crosschecking with previous leaks. He found the data was sitting in an Amazon Web Services storage “bucket,” left open to anyone with an account, which are free to obtain.

As long as they knew the right URL to visit, an Amazon Web Services user could retrieve all the data, which was left online by marketing analytics company Alteryx. It was apparent that the firm had purchased the information from Experian, as part of a dataset called ConsumerView, on top of which Alteryx provides marketing and analytics services.