US: North Korea 'directly responsible' for global WannaCry attack that hit NHS


The United States has publicly blamed North Korea for the WannaCry cyber attack which hit the NHS and networks around the world.

President Donald Trump's homeland security adviser, Tom Bossert, said the country was "directly responsible" for the ransomware attack that was "widespread and cost billions".

Mr Bossert was writing in the Wall Street Journal as Mr Trump unveiled a new US national security strategy which includes strengthening the country's cyber defence capabilities.

"After careful investigation, the US today publicly attributes the massive WannaCry cyber attack to North Korea," the adviser wrote.

"The attack spread indiscriminately across the world in May. It encrypted and rendered useless hundreds of thousands of computers in hospitals, schools, businesses and homes.

"While victims received ransom demands, paying did not unlock their computers. It was cowardly, costly and careless. The attack was widespread and cost billions, and North Korea is directly responsible."

In October, Home Office minister Ben Wallace said the UK Government believed "quite strongly" that a foreign state was behind the cyber attack and named North Korea.

Impact of WannaCry cyber attack on the NHS
(PA Graphics)

Pyongyang had been widely blamed for the cyber attack in security circles, and Microsoft's president, Brad Smith, also pointed the finger at Kim Jong Un's secretive state.

The attack that began on May 12 is believed to have infected machines at 81 health trusts across England - a third of the 236 total, plus computers at almost 600 GP surgeries, according to a National Audit Office (NAO) report released in October.

The probe found that almost 19,500 medical appointments, including 139 potential cancer referrals, were estimated to have been cancelled, with five hospitals having to divert ambulances away after being locked out of computers.

-- NSC (@WHNSC) December 18, 2017

However, the report found the attack could have been prevented if "basic IT security" measures had been taken.

All infected machines were running computer systems - the majority Windows 7 - that had not been updated to secure them against such attacks.

Mr Wallace suggested the attack could have been motivated by an attempt by the economically isolated North Korean state to access foreign funds.