UK Blames North Korea for WannaCry – Says “Tit for Tat” Will Pose UK Systems to Serious Risk
After United States, the British government is now blaming North Korea for cyberattacks too. In an interview with BBC's Today programme, the country's security minister Ben Wallace said the government believes that North Korea was responsible for the WannaCry ransomware epidemic that hit businesses and hospitals (most notably NHS) in the United Kingdom earlier this year.
"This attack, we believe quite strongly that this came from a foreign state," Wallace said adding that "North Korea was the state that we believe was involved in this worldwide attack."
"We can be as sure as possible. I obviously can’t go into the detail of intelligence, but it is widely believed in the community and across a number of countries that North Korea had taken this role."
The attack impacted over 300,000 computers in over 150 countries, but NHS was the worst victim that had to cancel over 19,500 medical appointments.
WannaCry could have been prevented if companies had followed "basic" security practices
A report published today by the UK's National Audit Office (NAO) revealed that hackers were successful in their ransomware attacks that affected over 80 hospital groups and 600 general practitioners in the country because they failed to implement "basic" IT security measures. The report has called it an unsophisticated attack that was successful only because of poor security practices.
"It was a relatively unsophisticated attack and could have been prevented by the NHS following basic IT security best practice." NAO
NAO went on to add that NHS would have been able to completely avoid falling victim to the May's WannaCry outbreak if it had implemented basic security measures. NAO chief Amyas Morse added that there were already warnings of the attack (due to NSA leaks by The Shadow Brokers and patches sent out by Microsoft) but NHS and others ignored multiple warnings and recommendations sent out by the security community.
"There are more sophisticated cyber threats out there than WannaCry so the Department (of Health) and the NHS need to get their act together to ensure the NHS is better protected against future attacks."
Wallace, while putting the blame on North Korea, accepted that the panic could have been avoided if computers had been kept up to date. "It's a salient lesson for us all that all of us, from individuals to governments to large organisations, have a role to play in maintaining the security of our networks," he added.
When asked if the country would retaliate against North Korea, he said "if you get into tit-for-tat there has to be serious consideration about the risk we will expose the UK systems to."