North Korea was probably behind the devastating WannaCry cyber attack which crippled the NHS in May, the Home Office has said.
Home Office Minister Ben Wallace said the Government believed ‘quite strongly’ that a foreign state was behind the ransomware attack and named North Korea, claiming the country was trying to raise cash.
Pyongyang has been widely blamed for the May cyber attack in security circles, and Microsoft’s president, Brad Smith, has also pointed the finger at Kim Jong Un’s secretive state.
Mr Wallace said: “This attack, we believe quite strongly that it came from a foreign state.
“North Korea was the state that we believe was involved this worldwide attack.”
Credit: AP Frank Augstein
He told BBC Radio 4’s Today programme that “we can be as sure as possible” and “it is widely believed in the community and across a number of countries that North Korea had taken this role”.
Mr Wallace suggested the attack could have been motivated by an attempt by the economically isolated state to access foreign funds.
“North Korea has been potentially linked to other attacks about raising foreign currency,” he said.
Today the NHS was ordered to ‘get its act together’ or risk another devastating attack like the ‘WannaCry’ ransomware breach.
In the months preceding the attack, NHS digital had even issued ‘critical alerts’ about the WannaCry virus, urging IT departments to update their online security systems.
The NAO report, released today, found that almost 19,500 medical appointments, including 139 potential cancer referrals, were probably cancelled, with five hospitals forced to divert ambulances away after being locked out of computers on May 12.
NHS Providers, which represents hospitals, warned that further attacks were ‘inevitable’ while the head of the NAO said the health service must improve its resilience or it would suffer a more sophisticated and damaging breach.
“The WannaCry cyber attack had potentially serious implications for the NHS and its ability to provide care to patients,” said NAO auditor general Sir Amyas Morse.
“It was a relatively unsophisticated attack and could have been prevented by the NHS following basic IT security best practice.
“There are more sophisticated cyber threats out there than WannaCry so the Department of Health and the NHS need to get their act together to ensure the NHS is better protected against future attacks.”
The WannaCry attack is the largest faced by the NHS to date, infecting computers at 81 health trusts across England – a third of the 236 total, as well as almost 600 GP surgeries.
All were running computer systems – the majority Windows 7 – that had not been updated with anti-virus software to secure them against attacks even though security experts had warned that outdated systems were ‘a ticking timebomb.’
On the day of the attack, medical staff reported seeing computers go down ‘one by one’ as the virus took hold, locking machines and demanding money to release data.
Accident and emergency units had to divert ambulances away at the Royal London Hospital, Broomfield Hospital in Chelmsford, Essex; the Lister Hospital in Stevenage, Herts; Basingstoke Hospital in Hampshire and West Cumberland Hospital in Whitehaven, Cumbria.
The report found that the attack could have caused even more disruption had it not been for cyber researcher Marcus Hutchins, who activated a ‘kill-switch’.