The North Korean cyber-threat to the UK remains below that of Russia and China but could increase in the future, a new parliamentary Defence Committee report has claimed.
It reiterated the view that the WannaCry ransomware attack which decimated large parts of the NHS was carried out by the Kim Jong-un regime, but that the UK was not its intended target.
An estimated 19,000 operations and appointments were cancelled and 34% of NHS England Trusts affected by the May 2017 blitz, which took advantage of leaked NSA exploits to target known Windows vulnerabilities left unpatched by many organizations.
However, the report claimed that although the UK is “not on North Korea’s priority list” currently, this could change.
The Ministry of Defence made the following warning in written evidence to the committee:
“We judge North Korea to have a relatively low threshold for use of offensive cyber capabilities. For the most part, North Korean cyber-attacks have targeted South Korea. But as international sanctions tighten, the country may place more emphasis on the money-making opportunities that these capabilities afford, thereby subverting sanctions. Any actions of governments (including the UK) or corporate entities perceived by the regime to be insulting to the regime could lead to the use of offensive cyber.”
The report also asserted that third-party countries like China are partly to blame for harboring North Korean state hackers.
Former assistant chief of the Secret Intelligence Service (MI6), Nigel Inkster, told the committee that one North Korean cyber unit has an operational base in a hotel in China, which must be known to the authorities.
The Defence Committee concluded with a word of caution.
“It is likely that North Korea has already successfully attacked the UK with the WannaCry ransomware, although we agree with the government that the UK was probably not intended to be the principal target,” it said.
“Nevertheless, the WannaCry attack highlighted basic vulnerabilities in UK information technology systems. With North Korea unconcerned by who gets hurt when it lashes out, the UK will continue to be at risk from North Korean cyber-attacks.”