Foreign Office says North Korean Lazarus Group behind NHS cyber attack
WHITEHALL has publicly named the shadowy North Korea cyber crime group it believes was responsible for the WannaCry ransomware attack which crippled parts of the NHS earlier this year.
The Foreign Office said the National Cyber Security Centre had assessed that it was “highly likely” the attack in May was the work of cyber criminals known as the Lazarus Group.
Ben Wallace, the Security Minister, has previously said the UK Government believed “quite strongly” that a foreign state was behind the the attack, naming North Korea as the main suspect.
In the latest statement, Lord Ahmad of Wimbledon, the Foreign Office Minister, said: “The UK’s National Cyber Security Centre assesses it is highly likely that North Korean actors known as the Lazarus Group were behind the WannaCry ransomware campaign; one of the most significant to hit the UK in terms of scale and disruption.
“We condemn these actions and commit ourselves to working with all responsible states to combat destructive criminal use of cyber space.
“The indiscriminate use of the WannaCry ransomware demonstrates North Korean actors using their cyber programme to circumvent sanctions.”
Computer systems in around 150 countries around the the world – including dozens of NHS trusts in the UK – were caught up in the attack, which saw screens frozen with a warning that they would not be unlocked unless a ransom was paid.
The latest intervention comes as the US Government also pointed the finger of blame at Pyongyang.
Tom Bossert, the Homeland security adviser, said North Korea was “directly responsible” for the attack and would be held accountable for what happened.
“After careful investigation, the US today publicly attributes the massive WannaCry cyber attack to North Korea,” he wrote in an article for the Wall Street Journal.
“The attack spread indiscriminately across the world in May. It encrypted and rendered useless hundreds of thousands of computers in hospitals, schools, businesses and homes.
“While victims received ransom demands, paying did not unlock their computers. It was cowardly, costly and careless. The attack was widespread and cost billions, and North Korea is directly responsible.”
Mr Bossert said the US administration’s finding of responsibility was based on evidence and had been confirmed by other governments and private companies, including the UK and Microsoft.
The Lazarus Group has previously been linked to the 2014 Sony Pictures hack, which led to the Hollywood studio cancelling the release of The Interview, a satirical comedy featuring a plot to assassinate North Korean leader Kim Jong-un.
It was also implicated in a £60 million cyber heist from the Bangladeshi central bank as well as similar attacks on banks in Vietnam and Ecuador.
Lord Ahmad said Britain was committed to pursuing the perpetrators of such cyber crimes.
“International law applies online as it does offline,” he said.
“The United Kingdom is determined to identify, pursue and respond to malicious cyber activity regardless of where it originates, imposing costs on those who wish to attack us in cyberspace.
“We are committed to strengthening co-ordinated international efforts to uphold a free, open, peaceful and secure cyberspace,” he added.