UK Government Blames WannaCry on North Korea

The British government has joined the likes of Microsoft and others in blaming North Korea for the devastating WannaCry ransomware attack that hit hundreds of thousands of victims in May, including over a third of NHS trusts in England.

Security minister, Ben Wallace, told BBC Radio 4’s Today program on Friday that the hermit nation “was the state that we believe was involved in this worldwide attack on our systems".

“We can be as sure as possible. I can’t obviously go into the detailed intelligence but it is widely believed in the community and across a number of countries that North Korea had taken this role,” he claimed.

Wallace also claimed North Korea had launched other attacks aimed at stealing foreign currency; potentially a reference to its attacks on Bitcoin exchanges in recent months.

Earlier this month, Microsoft president, Brad Smith, made similar remarks.

“I think at this point that all observers in the know have concluded that WannaCry was caused by North Korea using cyber tools or weapons that were stolen from the National Security Agency in the United States," he told ITV News.

WannaCry caused chaos around the globe when it landed in mid-May. It could have affected many more victims than the 300,000 it hit if it hadn’t been for a “kill switch” discovered by researcher Marcus Hutchins.

In the end, the ransomware managed to compromise many organizations that had failed to patch a known SMB vulnerability for which Microsoft had issued a fix in March.

Scores of them were NHS trusts: 81 to be precise.

WannaCry caused the cancellation of an estimated 19,000 operations and appointments and infected hundreds of primary care and GP practices.

A National Audit Office (NAO) report released last week revealed that systemic failures in the NHS and Department of Health left the health service woefully exposed to the threat.

What’s Hot on Infosecurity Magazine?