Results 1 to 9 of 9
  1. #1
    Thailand Expat misskit's Avatar
    Join Date
    Dec 2009
    Last Online
    @
    Location
    Chiang Mai
    Posts
    48,105

    British security minister says North Korea was behind WannaCry hack on NHS

    The British government has admitted publicly for the first time that it is all but certain North Korea carried out the "WannaCry" malware attack which devastated NHS IT systems in May.


    A report released by the National Audit Office (NAO) on Friday found that hospital trusts were left vulnerable to the attack because basic recommendations on cyber-security were not followed.


    Speaking on the BBC's Today programme, the security minister Ben Wallace said the government now believes a North Korean hacking group was responsible, but stopped short of suggesting the UK could carry out retaliatory attacks.


    "This attack, we believe quite strongly that this came from a foreign state," Mr Wallace said. Adding that the state involved was "North Korea", he said: "We can be as sure as possible. I obviously can’t go into the detail of intelligence, but it is widely believed in the community and across a number of countries that North Korea had taken this role."



    WannaCry hack report exposes basic failings in NHS cybersecurity


    Asked what the UK could do in response to the attack, the minister admitted that it would be "challenging" to arrest anyone when a "hostile state" was involved.


    He called on the West to instead develop a "doctrine of deterrent" similar to that used to prevent the use of nuclear weapons. "We do have a counter attack capability," he said. "But let's remember we are an open liberal democracy with a large reliance on IT systems. We will obviously have a different risk appetite. If you get into tit for tat there has to be serious consideration of the risk we would expose UK citizens to."



    Earlier an independent investigation concluded that the cyber attack which crippled parts of the NHS could have been prevented if "basic IT security" measures had been taken.


    The head of the NAO warned the health service and Department of Health to "get their act together" in the wake of the WannaCry crisis, or risk suffering a more sophisticated and damaging future attack.


    The NAO's probe found that almost 19,500 medical appointments, including 139 potential cancer referrals, were estimated to have been cancelled, with five hospitals having to divert ambulances away after being locked out of computers on 12 May.


    The malware is believed to have infected machines at 81 health trusts across England – a third of the 236 total, plus computers at almost 600 GP surgeries, the NAO found.


    All were running computer systems – the majority Windows 7 – that had not been updated to secure them against such attacks.


    Mr Wallace accepted that the attack could have been avoided if software had been properly updated.


    "It's a salient lesson for us all that all of us, from individuals to governments to large organisations, have a role to play in maintaining the security of our networks," he said.


    British systems came under attack on a weekly basis from organised criminals and "a number" of foreign countries which seek to collect intelligence or carry out a "state-sponsored criminal attack".


    Expanding on the prospect of the UK fighting back back online, he said: "Other countries do have doctrines and military thinking along that line, but the West – the United States, Europe and the United Kingdom – are much more thoughtful about these things because, ultimately, if we were to take some action, we have to remember that some of these states may, as we have seen with this WannaCry, strike out at the rest of our functions."


    In a report cataloguing the failures which led to May's attack, the NAO said that while the health service's IT arm NHS Digital had issued "critical alerts" about WannaCry in March and April, the DoH had "no formal mechanism" to determine whether local NHS organisations had taken any action.


    NAO head Sir Amyas Morse said: "There are more sophisticated cyber threats out there than WannaCry so the Department (of Health) and the NHS need to get their act together to ensure the NHS is better protected against future attacks."


    More than 300,000 computers in 150 countries were infected with the WannaCry ransomware.


    It crippled organisations from government agencies and global companies by targeting computers with outdated security.


    British security minister says North Korea was behind WannaCry hack on NHS | The Independent

  2. #2
    Thailand Expat
    Klondyke's Avatar
    Join Date
    Aug 2014
    Last Online
    26-09-2021 @ 10:28 PM
    Posts
    10,105
    It has to be very assuring for the citizens of one of the most developed country when their security minister claims that their very sophisticated systems are so vulnerable that even one of the most under-developed country can put them down.

    Similarly when the 911 attack has occurred despite the most developed "defense" systems detecting anything anywhere, however vulnerable to few amateur fliers controlled by a caveman from the end of the world.

  3. #3
    R.I.P.
    crackerjack101's Avatar
    Join Date
    Feb 2016
    Last Online
    15-11-2020 @ 07:58 PM
    Posts
    5,574
    Can someone explain to me why the combined IT skills and knowledge of the so called "free world" are unable to incapacitate the North Korean IT systems?

  4. #4
    Thailand Expat harrybarracuda's Avatar
    Join Date
    Sep 2009
    Last Online
    @
    Posts
    96,555
    Quote Originally Posted by Klondyke View Post
    It has to be very assuring for the citizens of one of the most developed country when their security minister claims that their very sophisticated systems are so vulnerable that even one of the most under-developed country can put them down.
    Who said that NHS IT was "their very sophisticated systems"?

    They hacked some old Windows computers not GCHQ you idiot.

  5. #5
    Thailand Expat harrybarracuda's Avatar
    Join Date
    Sep 2009
    Last Online
    @
    Posts
    96,555
    Quote Originally Posted by crackerjack101 View Post
    Can someone explain to me why the combined IT skills and knowledge of the so called "free world" are unable to incapacitate the North Korean IT systems?
    Probably because they aren't connected to the Internet and most of these attacks are launched remotely.

    For example, iirc Stuxnet was launched from computers in Burma and Hong Kong.

  6. #6
    Thailand Expat jabir's Avatar
    Join Date
    Jul 2016
    Last Online
    @
    Posts
    12,009
    Quote Originally Posted by crackerjack101 View Post
    Can someone explain to me why the combined IT skills and knowledge of the so called "free world" are unable to incapacitate the North Korean IT systems?
    Could be they won't risk sending the 'experts' in to disable noko systems in case they're booby trapped to trigger.

  7. #7
    R.I.P.
    crackerjack101's Avatar
    Join Date
    Feb 2016
    Last Online
    15-11-2020 @ 07:58 PM
    Posts
    5,574
    Quote Originally Posted by harrybarracuda View Post
    Probably because they aren't connected to the Internet and most of these attacks are launched remotely.

    For example, iirc Stuxnet was launched from computers in Burma and Hong Kong.

    OK. Thanks for that, but am I to understand that western governments, with all their IT power and skill, can't do anything?
    It's hard for an IT idiot like me to understand that how, given the money and resources available, it's not possible for them to "hack" (I believe that's the term) these NK systems.
    Will it just come down to some dark entity from the internet wearing Guy Fawkes masks doing it for personal gain?

  8. #8
    Thailand Expat
    Klondyke's Avatar
    Join Date
    Aug 2014
    Last Online
    26-09-2021 @ 10:28 PM
    Posts
    10,105
    Quote Originally Posted by harrybarracuda View Post
    Who said that NHS IT was "their very sophisticated systems"?

    They hacked some old Windows computers not GCHQ you idiot.
    I assume that a country that not so long ago called itself an empire where the sun never set down - and being the closest friend of the world's most developed country - would possess few HiTech computers (perhaps Macs) for security of their beloved citizens, won't they?

  9. #9
    Thailand Expat harrybarracuda's Avatar
    Join Date
    Sep 2009
    Last Online
    @
    Posts
    96,555
    Quote Originally Posted by Klondyke View Post
    I assume that a country that not so long ago called itself an empire where the sun never set down - and being the closest friend of the world's most developed country - would possess few HiTech computers (perhaps Macs) for security of their beloved citizens, won't they?
    What on earth are you fucking babbling on about now?

    Read the fucking OP.

    It says it was the NHS that was hit, not the security services.

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •