Remember the WannaCry plague? It swept across the planet in the spring, infecting millions of systems, attempting and at times succeeding in extorting money from its victims. Almost immediately, researchers linked the virus to earlier cyberwarfare from North Korea, including the spectacular hack of Sony Pictures, through a shadowy operation known as The Lazarus Group. Seven months later, the White House has gone public with its conclusion that the Kim regime launched WannaCry:

White House adviser Thomas Bossert laid out the case in today’s Wall Street Journal, declaring that “it’s official” that Pyongyang committed the crime:

Cybersecurity isn’t easy, but simple principles still apply. Accountability is one, cooperation another. They are the cornerstones of security and resilience in any society. In furtherance of both, and after careful investigation, the U.S. today publicly attributes the massive “WannaCry” cyberattack to North Korea.

The attack spread indiscriminately across the world in May. It encrypted and rendered useless hundreds of thousands of computers in hospitals, schools, businesses and homes. While victims received ransom demands, paying did not unlock their computers. It was cowardly, costly and careless. The attack was widespread and cost billions, and North Korea is directly responsible.

We do not make this allegation lightly. It is based on evidence. We are not alone with our findings, either. Other governments and private companies agree. The United Kingdom attributes the attack to North Korea, and Microsoft traced the attack to cyber affiliates of the North Korean government. …

North Korea has acted especially badly, largely unchecked, for more than a decade, and its malicious behavior is growing more egregious. WannaCry was indiscriminately reckless.

Bossert writes that it takes accountability to stop malicious behavior like North Korea’s cyber warfare. Clearly, though, it takes a little more than just accountability. The White House hopes to contain and isolate the Kim regime even further in publicly naming and shaming them, but it’s questionable whether Kim’s trading partners — the regimes still willing to do business with him despite all of the US sanctions — see cyber warfare as a “last straw,” so to speak. It won’t convince China, for instance, who has conducted far more successful cyber operations against the US for years than an indiscriminately aimed ransomware program.

Perhaps the length of time it took to get confirmation on the source of the attack hints at this issue. The evidence cited by Bossert was available almost immediately, or at least enough of it for industry experts to have heavy suspicions about its origin. The Trump administration may have exercised an abundance of caution before rolling out this allegation, waiting for either a smoking gun or a massive amount of circumstantial evidence, but that seems unlikely.  Abundance of caution hasn’t exactly been this administration’s pattern on foreign policy, especially on North Korea. They might have shopped this around privately first to see if they could get any movement on sanctions enforcement with Kim’s cheaters, and then went public when it stopped paying off.

Will going public force North Korea to change its course on anything? Probably not, but it does at least serve as a reminder that the country remains one of the worst rogue regimes in the world. Of course, they had cemented their #1 spot with their assassination of Kim’s brother in the Kuala Lumpur airport using VX nerve agent too, but WannaCry is a helpful reminder.

Addendum: It’s tough to argue with Bossert’s logic here, even if one’s a little skeptical about his claims for why it took so long to make the declaration: