{"id":11127,"date":"2017-06-14T00:00:00","date_gmt":"2017-06-14T00:00:00","guid":{"rendered":"http:\/\/localhost\/cyber-operations\/wannacry\/"},"modified":"2017-06-14T00:00:00","modified_gmt":"2017-06-14T00:00:00","slug":"wannacry","status":"publish","type":"post","link":"https:\/\/www.cfr.org\/cyber-operations\/wannacry","title":{"rendered":"WannaCry"},"content":{"rendered":"<p>A threat actor used a tool called WannaCry to encrypt data in compromised networks, and intended to provide the victims with the&nbsp;decryption key only after a ransom had been paid. The threat actors used an exploit, called <a href=\"https:\/\/arstechnica.com\/security\/2017\/05\/fearing-shadow-brokers-leak-nsa-reported-critical-flaw-to-microsoft\/\">EternalBlue<\/a>&#8211;first discovered by the U.S. National Security Agency&#8211;to propagate WannaCry in organizations using the Windows operating system.&nbsp;On December 19, 2017, the <a href=\"https:\/\/www.wsj.com\/articles\/its-official-north-korea-is-behind-wannacry-1513642537\">United States<\/a>, <a href=\"https:\/\/foreignminister.gov.au\/releases\/Pages\/2017\/jb_mr_171220.aspx\">Australia<\/a>, <a href=\"https:\/\/www.cse-cst.gc.ca\/en\/media\/2017-12-19\">Canada<\/a>, <a href=\"http:\/\/www.mofa.go.jp\/press\/kaiken\/kaiken4e_000451.html\">Japan<\/a>, and the <a href=\"https:\/\/www.gov.uk\/government\/news\/foreign-office-minister-condemns-north-korean-actor-for-wannacry-attacks\">United Kingdom<\/a>&nbsp;issued statements accusing North Korea of being responsible for WannaCry.<\/p>\n<p>In September 2018, the U.S. Department of Justice <a href=\"https:\/\/www.justice.gov\/opa\/press-release\/file\/1092091\/download\">announced<\/a> criminal charges alleging that North Korean entities were responsible for this incident.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>A threat actor used a tool called WannaCry to encrypt data in compromised networks, and intended to provide the victims with the&nbsp;decryption key only after a ransom had been paid. The threat actors used an exploit, called EternalBlue&#8211;first discovered by the U.S. National Security Agency&#8211;to propagate WannaCry in organizations using the Windows operating system.&nbsp;On December [&hellip;]<\/p>\n","protected":false},"author":3,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"_cloudinary_featured_overwrite":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_feature_clip_id":0,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_post_was_ever_published":false},"categories":[2],"tags":[],"cyber_operation":[38],"state_sponsor":[91],"victim_category":[63,138],"victim_government_response":[194],"victim":[31,56,59,83,142,154,180,182],"class_list":["post-11127","post","type-post","status-publish","format-standard","hentry","category-incident","cyber_operation-data-destruction","state_sponsor-korea-democratic-peoples-republic-of","victim_category-government","victim_category-private-sector","victim_government_response-yes","victim-china","victim-france","victim-germany","victim-japan","victim-russian-federation","victim-spain","victim-united-kingdom","victim-united-states"],"acf":[],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/www.cfr.org\/cyber-operations\/wp-json\/wp\/v2\/posts\/11127","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.cfr.org\/cyber-operations\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.cfr.org\/cyber-operations\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.cfr.org\/cyber-operations\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/www.cfr.org\/cyber-operations\/wp-json\/wp\/v2\/comments?post=11127"}],"version-history":[{"count":0,"href":"https:\/\/www.cfr.org\/cyber-operations\/wp-json\/wp\/v2\/posts\/11127\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.cfr.org\/cyber-operations\/wp-json\/wp\/v2\/media?parent=11127"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.cfr.org\/cyber-operations\/wp-json\/wp\/v2\/categories?post=11127"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.cfr.org\/cyber-operations\/wp-json\/wp\/v2\/tags?post=11127"},{"taxonomy":"cyber_operation","embeddable":true,"href":"https:\/\/www.cfr.org\/cyber-operations\/wp-json\/wp\/v2\/cyber_operation?post=11127"},{"taxonomy":"state_sponsor","embeddable":true,"href":"https:\/\/www.cfr.org\/cyber-operations\/wp-json\/wp\/v2\/state_sponsor?post=11127"},{"taxonomy":"victim_category","embeddable":true,"href":"https:\/\/www.cfr.org\/cyber-operations\/wp-json\/wp\/v2\/victim_category?post=11127"},{"taxonomy":"victim_government_response","embeddable":true,"href":"https:\/\/www.cfr.org\/cyber-operations\/wp-json\/wp\/v2\/victim_government_response?post=11127"},{"taxonomy":"victim","embeddable":true,"href":"https:\/\/www.cfr.org\/cyber-operations\/wp-json\/wp\/v2\/victim?post=11127"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}