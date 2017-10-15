Stories
UK Blames North Korea for WannaCry Attacks, Says NHS Didn't Follow Cybersecurity Guidelines

posted by Fnord666 on Sunday October 29, @10:07PM   Printer-friendly
from the security-by-closed-eyes dept.
Security

takyon writes:

UK blames North Korea for WannaCry attacks

The United Kingdom released its final report Friday on the WannaCry ransomware attacks that caused mass disruption in its hospital system, with a U.K. official saying the country believes the attacks originated in North Korea.

"This attack, we believe quite strongly that it came from a foreign state," Ben Wallace, a junior minister for security, told BBC 4 Radio, adding that the government was "as sure as possible" that nation was North Korea.

NHS 'could have prevented' WannaCry ransomware attack

The report said NHS trusts had not acted on critical alerts from NHS Digital and a warning from the Department of Health and the Cabinet Office in 2014 to patch or migrate away from vulnerable older software.

The Department of Health also lacked important information, the report said. "Before 12 May 2017, the department had no formal mechanism for assessing whether NHS organisations had complied with its advice and guidance."

Organisations could also have better managed their computers' firewalls - but in many cases they did not, it said.

NHS organisations have not reported any cases of harm to patients or of their data being stolen as a result of WannaCry.

Also at NPR.

Original Submission


  • (Score: 3, Insightful) by Whoever on Sunday October 29, @10:40PM (4 children)

    by Whoever (4524) on Sunday October 29, @10:40PM (#589233)

    Instead of blaming poor security, blame North Korea instead.

    What has NK got to gain from hacking the NHS? Nothing, except in the fevered imaginations of the war hawks.

    • (Score: 1, Insightful) by Anonymous Coward on Sunday October 29, @10:47PM

      by Anonymous Coward on Sunday October 29, @10:47PM (#589236)

      I think you mean chicken hawks instead of war hawks. War hawks may fight but chicken hawks get bone spurs.

    • (Score: 2) by takyon on Sunday October 29, @11:08PM (2 children)

      by takyon (881) <{takyon} {at} {soylentnews.org}> on Sunday October 29, @11:08PM (#589241) Journal

      Your info is sadly years out of date:

      The World Once Laughed at North Korean Cyberpower. No More. [nytimes.com]

      Maybe the attribution is incorrect, but your idea that "war hawks" are falsifying it doesn't make any sense. UK doesn't want to go to war with North Korea, and the U.S. probably doesn't (who knows what Trump wants?). The idea that NK has nothing to gain is also false. They don't call it "ransomware" for nothing, and some state-sponsored hacking is done for the data rather than money. If NK has no use for the data (except blackmail and phishing can be a great use), then they know who does: China.

      --
      [SIG] 10/28/2017: Soylent Upgrade v14 [soylentnews.org]

      • (Score: 0) by Anonymous Coward on Sunday October 29, @11:11PM (1 child)

        by Anonymous Coward on Sunday October 29, @11:11PM (#589243)

        Doesn't change the fact that N Korea has nothing to gain by hacking the UK's NHS. What would they gain?

        • (Score: 2) by takyon on Sunday October 29, @11:18PM

          by takyon (881) <{takyon} {at} {soylentnews.org}> on Sunday October 29, @11:18PM (#589245) Journal

          Money. It's ransomware. Some people did pay out.

          You are also forgetting that the NHS was far from the only target:

          https://en.wikipedia.org/wiki/WannaCry_ransomware_attack [wikipedia.org]

          The attack began on Friday, 12 May 2017, and within a day was reported to have infected more than 230,000 computers in over 150 countries. Parts of the United Kingdom's National Health Service (NHS) were infected, causing it to run some services on an emergency-only basis during the attack, Spain's Telefónica, FedEx and Deutsche Bahn were hit, along with many other countries and companies worldwide.

          --
          [SIG] 10/28/2017: Soylent Upgrade v14 [soylentnews.org]
