NORTH Korea has lashed out after Britain’s Security Minister claimed Kim Jong-un’s dictatorship was behind a hacking attack on the NHS earlier this year.
Staff were forced to cancel or postpone operations and appointments as a fifth of NHS trusts were targeted while hackers demanded a ransom.
Users logging onto their computers were met with this message demanding bitcoin ransom
What happened during the NHS cyber attack?
The indiscriminate attack struck banks, hospitals and government agencies in more than 150 countries, exploiting known vulnerabilities in old Microsoft computer operating systems.
The NHS is thought to be one of the first victims of the attack in May 2017, which started in the UK and Spain before spreading around the world.
The programme used in the global cyber attack is known as WannaCry ransomware or Wanna Decryptor.
It was launched on Friday, May 12, and infected more than 230,000 computers demanding ransom payments in the cryptocurrency bitcoin in 28 languages.
The attack was spread by various methods including phishing emails and on systems without up-to-date security patches.
Around 40 NHS trusts were hit in the WannaCry ransomware attack, and seven hospitals remained on A&E divert on Sunday afternoon, with ambulances taking emergency patients elsewhere, NHS England said.
It was reported that 2,000 of the trust’s 6,000 computers were infected as well as the central system.
It’s thought up to 70,000 devices — including computers, MRI scanners, blood-storage refrigerators and theatre equipment — may have been affected.
An NHS England spokesman described it is a “very complex emerging picture”.
People were advised to attend any hospital or doctor appointments as normal, unless they were contacted and told not to.
A Brit computer whiz, Marcus Hutchins, was hailed a hero when he found a way to slow the spread of the ransomware bug.
But just months later he was nicked by the FBI accused of creating a distributing another malware virus, Kronos.
Around a fifth of NHS trusts were affected by the global cyber attack as people were turned away from appointments and surgeries
How much did the ransom demand?
Those who logged onto infected computers were met with a ransom demand to unlock the machine.
Images appear on victims’ screens demanding payment of $300 (£232) in the virtual currency Bitcoin, saying: “Ooops, your files have been encrypted!”
Payment was demanded within three days or the price was threatened to double, and if none was received within seven days the locked files would be deleted, according to the screen message.
Bitcoin, the world’s most-used virtual currency, allows anonymous transactions via heavily encrypted codes.
Experts and governments alike warn against ceding to the demands and Wainwright said few victims so far had paid up.
The criminals earned about £55,000 in ransom and received more than 260 payments since the hack, Ars Technica reports.
This estimation was backed up by White House homeland security adviser Tom Bossett.
However, Bosset said paying the ransom has not “led to any data recovery” for unlucky victims.
Those logging onto the NHS website were met with a statement from the NHS Incident Director, Dr Anne Rainsberry
Which NHS trusts and foreign companies were affected?
As well as the NHS, the initial attack paralysed computers running railway stations, mail delivery, gas stations, hospitals, office buildings, shopping malls and government services all around the world.
Countries including Russia, Ukraine, Brazil, Spain, India and Japan, China and South Korea were affected.
Chinese state media said 29,372 institutions there were infected along with hundreds of thousands of devices.
The Japan Computer Emergency Response Team Coordination Center, a nonprofit providing support for computer attacks, said 2,000 computers at 600 locations in Japan were reported affected so far.
The most public damage in South Korea was to cinema chain CJ CGV Co, which was restoring its advertising servers at dozens of theatres before the attack left them unable to display trailers of upcoming movies.
Foreign companies we know that have been affected include:
- Telefonica – Spain
- Iberdrola – Spain
- Gas Natural – Spain
- FedEx Corp – US
- Renault – France
- Hitatchi – Japan
- Nissan – Japan
- CJ CGV Co – South Korea
- Telecom – Portugal
It is thought about 40 NHS trusts were affected by the cyber attack including:
- Northumbria Healthcare
- North Cumbria Hospitals
- Morecambe Bay Hospitals
- Blackpool Hospitals
- Southport Hospital
- East Lancashire Trust
- Barts Health
- East and North Hertfordshire
- Derbyshire Community Health
- University Hospitals North Midlands
- North Essex Partnership University FT
- London North West Healthcare Trust
- York Hospitals
- East Cheshire Trust
- Aintree University Hospitals
- The Royal Liverpool and Broadgreen Hospitals Trust
- Liverpool Community Trust
- United Lincolnshire Hospitals
- James Paget University Hospital FT
- Basildon And Thurrock University Hospitals NHS Foundation Trust
- Mid Essex Hospital Services NHS Trust
- Colchester Hospital University NHS Foundation Trust
- George Eliot Hospital NHS Trust
- Wrightington, Wigan And Leigh NHS Foundation Trust
- Cheshire and Wirral Partnership NHS Foundation Trust
- Nottinghamshire Healthcare NHS Trust
- Burton Hospitals NHS Foundation Trust
- Birmingham Community Healthcare Trust
- Sherwood Forest Hospitals
- Ipswich Hospital
- West Herfordshire Hospitals
- Barnsley Hospital
- Central Manchester University Hospitals
In Scotland the following health boards confirmed a cyber attack:
- NHS Ayrshire and Arran
- NHS Borders
- NHS Dumfries and Galloway
- NHS Grampian
- NHS Greater Glasgow and Clyde
- NHS Fife
- NHS Highland
- NHS Forth Valley
- NHS Western Isles
- NHS Tayside
- NHS Lanarkshire
Was North Korea behind the cyber attack?
An international manhunt for the plotters behind the world’s biggest-ever computer ransom assault began immediately.
Europol described the attack as unique because it combined ransomware with a worm function, meaning once one machine is infected, the entire internal network is scanned and other vulnerable machines are infected.
The attack therefore spread faster than previous, smaller-scale ransomware attacks.
Tech firms probed clues which suggest North Korea was behind the attack. Anti-virus companies Symantec and Kaspersky said technical clues led them back to the North Korea-linked Lazarus group.
The group has already been blamed for a string of hacks dating back to 2009, including the Sony Pictures Entertainment hack in 2014.
Researchers from Kaspersky said: “We believe this might hold the key to solve some of the mysteries around this attack.
“We believe it’s important that other researchers around the world investigate these similarities and attempt to discover more facts about the origin of WannaCry.”
On October 30, Britain’s Security Minister Ben Wallace the Government believed “quite strongly” that Pyongyang was responsible.
Tory MP Mr Wallace said the attack could have been motivated by an attempt by North Korea to access foreign funds.
He said the regime has been “potentially linked to other attacks about raising foreign currency”.
Pyongyang responded with fury to the claims, blasting it as an “attempt to incriminate the Democratic People’s Republic of Korea [DPRK]”.
A statement by the state-run Korean Central News Agency said: “The UK has made another attempt to incriminate the DPRK as a cyber-criminal. This is an act beyond the limit of our tolerance.
“The DPRK has clarified our principled stand, on every opportune occasion, to oppose terrorism in all its forms and manifestations.
“We have expressed sincere sympathy and condolences to the UK when its citizens fell victim to terrorist attack.
“It does not make any sense that the DPRK which gives the…priority to…health…would carry out a cyber-attack on the UK health service.
“The UK, if it is a law-governed state, should seriously reflect on its despicable moves to damage the image of the DPRK.”
HAD SON TOO MANY
Mum helps naked stranger in Halloween makeup to bed thinking it’s her son
North Korea ‘nuclear base COLLAPSES killing 200’ amid radioactive leak fears
MAY’S SINNER CIRCLE
Sex pest dossier names SIX Cabinet ministers and senior allies of PM
Gunmen in masks use automatic weapons to open fire at illegal London rave
Experts stumble on mysterious hole in the Great Barrier Reef and are VERY excited
Arrest warrant issued for Rose McGowan as she claims plot to ‘silence me’