British security chiefs believe North Korea was behind crippling NHS cyber attack after international probesteemCreated with Sketch.

in #news7 years ago

Security sources have revealed Lazarus – the same hacking group which targeted Sony Pictures in 2014 – may have been behind the attack

Hackers in North Korea were behind the cyber-attack that brought the NHS to its knees, British security officials believe.

An international investigation was launched after ransomware called WannaCry locked computers and demanded payment across the world.

The NHS was particularly badly hit but security officials in this country insist the ransomware did not target Britain specifically.

Britain's National Cyber Security Centre (NCSC) now believe hacking group Lazarus were behind the attack.

In 2014, Sony Pictures was hacked just as the company planned to release spy comedy film The Interview which poked fun at North Korea and its leadership.


Security sources have told the BBC the NCSC believes hacking group Lazarus are behind the attack


Lazarus is the same hacking group which is believed to have targeted Sony Pictures in 2014

Lazarus is widely believed to have been behind that hack.

Cyber intelligence expert Adrian Nish, who works at UK defence giant BAE, looked into the hack soon afterwards in May.

He told the BBC : "It seems to tie back to the same code-base and the same authors.


Britain's National Cyber Security Centre (NCSC) led the investigation into the crippling hack


NHS computers were locked and demands were made for money were made

"The code-overlaps are significant."

A string of banks have been the focus of North Korean hackers in recent years.

The central bank of Bangladesh lost $81millon (£63.4m) in 2016 in a theft with many believing the money was then laundered through casinos in the Philippines.

Would-be hackers can purchase malicious software kits – which create ransomware – the same way they would buy a video game.

British security officials believe last month's attack may have got out of control for the hackers who do not appear to have collected any ransom money yet.

No direct link between North Korea's leadership and the hack has been made.