Slash Boxes

SoylentNews is people

posted by Fnord666 on Sunday October 29 2017, @10:07PM   Printer-friendly
from the security-by-closed-eyes dept.

UK blames North Korea for WannaCry attacks

The United Kingdom released its final report Friday on the WannaCry ransomware attacks that caused mass disruption in its hospital system, with a U.K. official saying the country believes the attacks originated in North Korea.

"This attack, we believe quite strongly that it came from a foreign state," Ben Wallace, a junior minister for security, told BBC 4 Radio, adding that the government was "as sure as possible" that nation was North Korea.

NHS 'could have prevented' WannaCry ransomware attack

The report said NHS trusts had not acted on critical alerts from NHS Digital and a warning from the Department of Health and the Cabinet Office in 2014 to patch or migrate away from vulnerable older software.

The Department of Health also lacked important information, the report said. "Before 12 May 2017, the department had no formal mechanism for assessing whether NHS organisations had complied with its advice and guidance."

Organisations could also have better managed their computers' firewalls - but in many cases they did not, it said.

NHS organisations have not reported any cases of harm to patients or of their data being stolen as a result of WannaCry.

Also at NPR.

Original Submission

Related Stories

Boeing Production Plant Hit with Windows' WannaCry Ransomware Attack 37 comments

A derivative of Microsoft Windows ransonware, Wannacry, has hit a Boeing production plant in Charleston, South Carolina. An internal memo from Mike VanderWel, chief engineer of Boeing Commercial Airplane production engineering, warned that the company's production systems and airline software were "at risk".

Wannacry was based on Microsoft Windows' CVE 2017-0144 which is used in the EternalBlue exploit kit. EternalBlue was initially utilized in apparent coordination with Microsoft's long delay in patching. Despite massive media spin, Wannacry was found to have hit all recent versions of Microsoft Windows.

The Verge: Boeing production plant hit with WannaCry ransomware attack
The New York Times: Boeing Possibly Hit by ‘WannaCry’ Malware Attack
The Daily Express: Vital Boeing computer network INFECTED with WannaCry VIRUS - is it safe to fly?.

Previously: UK Blames North Korea for WannaCry Attacks, Says NHS Didn't Follow Cybersecurity Guidelines
WannaCry Ransomware Attack Linked to North Korea by Symantec

Original Submission

This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 4, Insightful) by Whoever on Sunday October 29 2017, @10:40PM (10 children)

    by Whoever (4524) on Sunday October 29 2017, @10:40PM (#589233) Journal

    Instead of blaming poor security, blame North Korea instead.

    What has NK got to gain from hacking the NHS? Nothing, except in the fevered imaginations of the war hawks.

    • (Score: 1, Insightful) by Anonymous Coward on Sunday October 29 2017, @10:47PM

      by Anonymous Coward on Sunday October 29 2017, @10:47PM (#589236)

      I think you mean chicken hawks instead of war hawks. War hawks may fight but chicken hawks get bone spurs.

    • (Score: 4, Informative) by takyon on Sunday October 29 2017, @11:08PM (7 children)

      by takyon (881) <{takyon} {at} {}> on Sunday October 29 2017, @11:08PM (#589241) Journal

      Your info is sadly years out of date:

      The World Once Laughed at North Korean Cyberpower. No More. []

      Maybe the attribution is incorrect, but your idea that "war hawks" are falsifying it doesn't make any sense. UK doesn't want to go to war with North Korea, and the U.S. probably doesn't (who knows what Trump wants?). The idea that NK has nothing to gain is also false. They don't call it "ransomware" for nothing, and some state-sponsored hacking is done for the data rather than money. If NK has no use for the data (except blackmail and phishing can be a great use), then they know who does: China.

      [SIG] 10/28/2017: Soylent Upgrade v14 []
      • (Score: 0) by Anonymous Coward on Sunday October 29 2017, @11:11PM (3 children)

        by Anonymous Coward on Sunday October 29 2017, @11:11PM (#589243)

        Doesn't change the fact that N Korea has nothing to gain by hacking the UK's NHS. What would they gain?

        • (Score: 3, Interesting) by takyon on Sunday October 29 2017, @11:18PM (1 child)

          by takyon (881) <{takyon} {at} {}> on Sunday October 29 2017, @11:18PM (#589245) Journal

          Money. It's ransomware. Some people did pay out.

          You are also forgetting that the NHS was far from the only target:


          The attack began on Friday, 12 May 2017, and within a day was reported to have infected more than 230,000 computers in over 150 countries. Parts of the United Kingdom's National Health Service (NHS) were infected, causing it to run some services on an emergency-only basis during the attack, Spain's Telefónica, FedEx and Deutsche Bahn were hit, along with many other countries and companies worldwide.

          Affected organizations:

          Andhra Pradesh Police, India[127]
          Aristotle University of Thessaloniki, Greece[128]
          Automobile Dacia, Romania[129]
          Cambrian College, Canada[130]
          Chinese public security bureau[131]
          CJ CGV[132]
          Dalian Maritime University[133]
          Deutsche Bahn[134]
          Dharmais Hospital, Indonesia[135]
          Faculty Hospital, Nitra, Slovakia[136]
          Garena Blade and Soul[138]
          Guilin University Of Aerospace Technology[133]
          Guilin University Of Electronic Technology[133]
          Harapan Kita Hospital[disambiguation needed], Indonesia[135]
          Hezhou University[133]
          Instituto Nacional de Salud, Colombia[141]
          Lakeridge Health[142]
          LATAM Airlines Group[144]
          Ministry of Internal Affairs of the Russian Federation[146]
          Ministry of Foreign Affairs (Romania)[147]
          National Health Service (England)[148][92][94]
          NHS Scotland[92][94]
          Nissan Motor Manufacturing UK[148]
          O2, Germany[149][150]
          Portugal Telecom[152]
          Pulse FM[153]
          Russian Railways[156]
          São Paulo Court of Justice[151]
          Saudi Telecom Company[157]
          Shandong University[133]
          State Governments of India
          Government of Gujarat[158]
          Government of Kerala[158]
          Government of Maharashtra[159]
          Government of West Bengal[158]
          Suzhou Vehicle Administration[133]
          Sun Yat-sen University, China[135]
          Telenor Hungary, Hungary[161]
          Telkom (South Africa)[162]
          Timrå Municipality, Sweden[163]
          Universitas Jember, Indonesia[164]
          University of Milano-Bicocca, Italy[165]
          University of Montreal, Canada[166]
          Vivo, Brazil[151]
          [SIG] 10/28/2017: Soylent Upgrade v14 []
          • (Score: 1, Insightful) by Anonymous Coward on Monday October 30 2017, @08:15AM

            by Anonymous Coward on Monday October 30 2017, @08:15AM (#589369)


            You really believe the North Koreans wrote Wannacry which has such an easy killswitch in the code? When North Koreans screw up it's not just them who get executed. Their families get executed or imprisoned too. All to make less than USD100,000 for the North Korean Government in traceable Bitcoin?

            Just because some code matches doesn't mean much.

            Quote the NY Times:

            Those clues alone are not definitive, however. Hackers often borrow and retrofit one another’s attack methods, and government agencies are known to plant “false flags” in their code to throw off forensic investigators.

            Now if you can link the "Patient Zero"(s) to North Korea then I'll put more weight on the NK accusations. Till then you've really got nothing except hearsay and propaganda.

        • (Score: 3, Insightful) by frojack on Monday October 30 2017, @07:31AM

          by frojack (1554) Subscriber Badge on Monday October 30 2017, @07:31AM (#589364) Journal

          Doesn't change the fact that N Korea has nothing to gain by hacking the UK's NHS.

          You hack where you can, where its easy. Where people are unprepared. You don't even know your targets, and you certainly don't pick them

          You don't set out to hack any specific place.

          You accept any low hanging fruit that comes your way.

          The NHS apparently hired people with your mind set. No doubt graduates of the Alfred E Newman school of network security.

          No, you are mistaken. I've always had this sig.
      • (Score: 2) by Whoever on Monday October 30 2017, @01:24AM (2 children)

        by Whoever (4524) on Monday October 30 2017, @01:24AM (#589282) Journal

        ... because the Western powers don't have a record of over-stating the capabilities of their adversaries, do they?

    • (Score: 4, Insightful) by Snotnose on Sunday October 29 2017, @11:54PM

      by Snotnose (1623) on Sunday October 29 2017, @11:54PM (#589253)

      Instead of blaming poor security, blame North Korea instead.

      Horse hockey. Fix your damned security. If it wasn't the Norks it would have been someone else.

      Relationship status: Available for curbside pickup.
  • (Score: 1, Insightful) by Anonymous Coward on Monday October 30 2017, @04:07AM

    by Anonymous Coward on Monday October 30 2017, @04:07AM (#589340)

    Sounds like some bigwig should spend some time thinking in the cooler to avoid making such colossal fuckups in the future.

    But of course nobody will take the blame. Responsibility of for the little people.