UK blames North Korea for WannaCry attacks
The United Kingdom released its final report Friday on the WannaCry ransomware attacks that caused mass disruption in its hospital system, with a U.K. official saying the country believes the attacks originated in North Korea.
"This attack, we believe quite strongly that it came from a foreign state," Ben Wallace, a junior minister for security, told BBC 4 Radio, adding that the government was "as sure as possible" that nation was North Korea.
NHS 'could have prevented' WannaCry ransomware attack
The report said NHS trusts had not acted on critical alerts from NHS Digital and a warning from the Department of Health and the Cabinet Office in 2014 to patch or migrate away from vulnerable older software.
The Department of Health also lacked important information, the report said. "Before 12 May 2017, the department had no formal mechanism for assessing whether NHS organisations had complied with its advice and guidance."
Organisations could also have better managed their computers' firewalls - but in many cases they did not, it said.
NHS organisations have not reported any cases of harm to patients or of their data being stolen as a result of WannaCry.
Also at NPR.
(Score: 0) by Anonymous Coward on Sunday October 29 2017, @11:11PM (3 children)
Doesn't change the fact that N Korea has nothing to gain by hacking the UK's NHS. What would they gain?
(Score: 3, Interesting) by takyon on Sunday October 29 2017, @11:18PM (1 child)
Money. It's ransomware. Some people did pay out.
You are also forgetting that the NHS was far from the only target:
[SIG] 10/28/2017: Soylent Upgrade v14 [soylentnews.org]
(Score: 1, Insightful) by Anonymous Coward on Monday October 30 2017, @08:15AM
You really believe the North Koreans wrote Wannacry which has such an easy killswitch in the code? When North Koreans screw up it's not just them who get executed. Their families get executed or imprisoned too. All to make less than USD100,000 for the North Korean Government in traceable Bitcoin?
Just because some code matches doesn't mean much.
Quote the NY Times:
Now if you can link the "Patient Zero"(s) to North Korea then I'll put more weight on the NK accusations. Till then you've really got nothing except hearsay and propaganda.
(Score: 3, Insightful) by frojack on Monday October 30 2017, @07:31AM
You hack where you can, where its easy. Where people are unprepared. You don't even know your targets, and you certainly don't pick them
You don't set out to hack any specific place.
You accept any low hanging fruit that comes your way.
The NHS apparently hired people with your mind set. No doubt graduates of the Alfred E Newman school of network security.
No, you are mistaken. I've always had this sig.