Security joins Microsoft in fingering North Korea for WannaCry

I can’t go into the details of our intelligence, but...

By John Leyden


The UK government has joined Microsoft in blaming North Korea for the WannaCry ransomware attack.

Security minister Ben Wallace appeared on BBC Radio4's flagship Today programme on Friday morning to blame North Korea for the infamous ransomware attack that disrupted the operation of one in three NHS Trusts in England as well as numerous other organisations worldwide. Wallace began by accepting a National Audit Office report that that the outbreak could have been prevented by the application of missed patches and adequate firewall defences by NHS Trusts.

"North Korea was the state that we believe was involved in this worldwide attack on our systems," Wallace said, before adding (when challenged on this attribution by presenter John Humphries): "We can be as sure as possible… I can’t go into the details of our intelligence."

He added: "It is widely believed across the community and in a number of countries that North Korea had taken this role."

Wallace went on to say that North Korea had linked to other attacks aimed at raising foreign currency, a possible reference to either recent attacks on Asian digital currency exchanges or Pyongyang's counterfeit currency manufacturing operations.

Brad Smith, Microsoft's president and chief legal officer, also blamed North Korea for the devastating WannaCry ransomware attack in a recent interview with commercial news outlet ITV.

Smith said "all observers in the know" now think Kim Jong-un's regime used exploits created by and leaked from the US National Security Agency to create the malware [a reference to the Equation Group leak and Shadow Brokers].

Redmond's president went on to that Microsoft was not to blame for the infection of systems using older operating systems, such as Windows XP, he told ITV.

Continued use of Windows XP within the NHS, while initially suspected, was not a factor in the spread of WannaCry. Windows XP machines crashed rather than becoming infected when subjected to WannaCry. Unpatched Windows 7 machines were a far more important factor, it transpired. ®

Sign up to our NewsletterGet IT in your inbox daily


More from The Register

FBI fingers North Korea for two malware strains

'Joanap' and 'Brambul' harvest info about your systems and send it home

North Korea's antivirus software whitelisted mystery malware

'SiliVaccine' uses ancient, stolen, Trend Micro AV engine and bad home-brew crypto

US Treasury goes after IT shops for funneling cash to North Korea

Meanwhile, Norks deny Sony hacker ever existed

US-CERT warns of more North Korean malware

'Typeframe' springs from the same den as 'Hidden Cobra'

'Desperate' North Korea turns to bank hacking sprees to rake in much-needed dosh

State-sponsored intrusions meets financial acquisition with APT38

Don't want to alarm you, but defence bods think North Korea could nuke UK 'within a few years'

Report on threat posed by rogue state demands more cash for government hackers

Cyber-insurance shock: Zurich refuses to foot NotPetya ransomware clean-up bill – and claims it's 'an act of war'

Snack company client disagrees, sues for $100m

North Korea's finest spent 2017 distributing RATs, wipers, and phish

And sent them mostly to South Korea, naturally

Florida Man laundered money for Reveton ransomware. Then Microsoft hired him

Former network engineer gets 18 months in the clink

First shots at South Korea could herald malware campaign of Olympic proportions

Russia, Norks and dog lovers all potential perps, say pundits