Cyber-attack: US and UK blame North Korea for WannaCry

The US and UK governments have said North Korea was responsible for the WannaCry malware attack affecting hospitals, businesses and banks across the world earlier this year.

The attack is said to have hit more than 300,000 computers in 150 nations, causing billions of dollars of damage.

It is the first time the US and UK have officially blamed them for the worm.

Thomas Bossert, an aide to US President Donald Trump, first made the accusation in the Wall Street Journal newspaper.

Mr Bossert, who advises the president on homeland security, said the allegation was “based on evidence”.

He did not produce any evidence in the article, but said US findings concurred with judgments from other governments and private companies.

He added that Australia, Canada, and New Zealand also share the US conclusion that North Korea was behind the attack.

Following the interview, the UK Foreign Office also blamed “North Korean actors using their cyber programme to circumvent sanctions”.

The National Cyber Security Centre assessed that is is “highly likely” that the North Korean Lazarus hacking group had committed the attacks, Minister for Cyber Lord Ahmad said in a statement.

In May, Windows computers hit by the cyber-attack had their contents locked, with users asked to a pay a ransom to have their data restored. EU police body Europol called the scale of the attack “unprecedented”.

In the Wall Street Journal piece, Mr Bossert said North Korea must be held “accountable” and that the US would continue to use a “maximum pressure strategy” to hinder the regime’s ability to mount cyber-attacks.

He did not specify what action, if any, the US government planned to take in response to the findings.

North Korea is already facing major economic sanctions after being redesignated a state-sponsor of terrorism last month amid tension over its nuclear programme and missile tests.

“North Korea has acted especially badly, largely unchecked, for more than a decade, and its malicious behaviour is growing more egregious. WannaCry was indiscriminately reckless,” Mr Bossert wrote.

“As we make the internet safer, we will continue to hold accountable those who harm or threaten us, whether they act alone or on behalf of criminal organizations or hostile nations,” he went on.

“The tool kits of totalitarian regimes are too threatening to ignore.”

He added that Microsoft and Facebook both acted to disable North Korean cyber-attacks “on their own initiative last week, without any direction or participation by the US”.

‘Unprecedented attack’

In the UK, the National Health Service (NHS) was hit particularly hard by the cyber-attack, with 48 affected health trusts forced to turn many patients away for appointments and even surgeries.

It spread across the world, with Russia reportedly being badly hit, causing problems to the country’s postal service.

In 2014, the US claimed North Korea were behind cyber-attacks on Sony Pictures, after it released a film featuring the fictional killing of its leader Kim Jong-un.

The entertainment company had its films leaked and details of corporate finances and private emails released online.

The North Koreans hit out at former president Barack Obama over the claim, but has not yet responded to the White House accusations about the WannaCry hack.

In October it said rumours from a UK government minister that they were behind the 2017 attack was “groundless speculation”, and a “wicked attempt” to tighten international sanctions on the country.