US blames North Korea for WannaCry cyber attack that paralysed NHS

Margi Murphy
Updated
North Korean leader Kim Jong-Un visiting Mount Paektu in Ryanggang Province, North Korea - AFP
North Korean leader Kim Jong-Un visiting Mount Paektu in Ryanggang Province, North Korea - AFP

The US has blamed North Korea for the rampant WannaCry ransomware that infected more than 200,000 victims in around 150 countries.

Businesses, schools and hospitals including the NHS were brought to their knees by the malicious software after it spread in May. 

Tom Bossert, President Donald Trump’s security adviser said that the rogue Asian state was "directly responsible" for the malware that spread “indiscriminately”.  He said that officials had investigated the matter and had evidence to suggest the attack came from North Korea.

"North Korea has acted especially badly, largely unchecked, for more than a decade, and its malicious behaviour is growing more egregious," he wrote in the Wall Street Journal.

"WannaCry was indiscriminately reckless. As we make the internet safer, we will continue to hold accountable those who harm or threaten us, whether they act alone or on behalf of criminal organizations or hostile nations."

A programer shows a sample of a ransomware cyberattack on a laptop - Credit: EPA
WannaCry ransomware victims were met with a red screen asking them to deposit Bitcoin in return for their files Credit: EPA

He hinted that Mr Trump might take action, adding: "the tool kits of totalitarian regimes are too threatening to ignore".

It comes as Mr Trump plugged his new national security strategy with a focus on cyber defence. 

The White House will give an official statement blaming Kim Jong-un’s regime on Tuesday. It confirms British security chiefs’ conclusions about Pyongyang’s involvement earlier this year. 

In October, security minister Ben Wallace said that he was “as sure as possible” that North Korea was to blame.

About | WannaCry

This morning foreign office minister for cyber, Lord Ahmad, said the UK "is determined to identify, pursue and respond to malicious cyber activity regardless of where it originates, imposing costs on those who wish to attack us in cyberspace".

He re-iterated that the National Cyber Security Centre blamed government backed Lazarus Group for the hack. 

The WannaCry ransomware spread worldwide but only struck computer systems that an out-of-date operating system, Windows 7.

Hundreds of NHS clinics and several hospitals were forced to halt surgeries and appointments. Honda, Nissan and Fed Ex also fell victim. 

WannaCry ransomware map - locations of infection

Infected systems presented as a red screen which warned that files had been encrypted. It had a set of instructions and a timer for the owner to deposit Bitcoin by a certain time for the return of their files. 

British computer whizz Marcus Hutchins, 23, was widely regarded a hero after he figured out a way to stop the malware spreading using a "kill switch" but he soon fell from grace after he was arrested by US police while attending a cyber security conference in Las Vegas for his alleged involvement in creating a banking malware called Kronos. 

Hutchins was arrested on August 2 as he waited to catch a flight home and has been bailed but banned from leaving the country and is under house arrest, but is allowed online where he can regularly be found tweeting updates. 

Hutchins awaits trial after pleading not guilty to six charges related to Kronos and faces up to 40 years in jail.