{"id":329413,"date":"2017-06-19T06:15:00","date_gmt":"2017-06-19T06:15:00","guid":{"rendered":"http:\/\/citifmonline.com\/?p=329413"},"modified":"2017-06-19T06:15:00","modified_gmt":"2017-06-19T06:15:00","slug":"nhs-cyber-attack-was-launched-from-north-korea","status":"publish","type":"post","link":"https:\/\/citifmonline.com\/2017\/06\/nhs-cyber-attack-was-launched-from-north-korea\/","title":{"rendered":"NHS cyber-attack was ‘launched from North Korea’"},"content":{"rendered":"
British security officials believe that hackers in North Korea were behind the cyber-attack that crippled parts of the NHS and other organisations around the world last month, the BBC has learned.<\/p>\n
Britain’s National Cyber Security Centre (NCSC) led the international investigation.<\/p>\n
Security sources have told the BBC that the NCSC believes that a hacking group known as Lazarus launched the attack.<\/p>\n
The US Computer Emergency Response Team has also warned about Lazarus.<\/p>\n
The same group is believed to have targeted Sony Pictures in 2014.<\/p>\n
The Sony hack came as the company planned to release the movie The Interview, a satire about the North Korean leadership starring Seth Rogen. The movie was eventually given a limited release after an initial delay.<\/p>\n
The same group is also thought to have been behind the theft of money from banks.<\/p>\n
In May, ransomware called WannaCry swept across the world, locking computers and demanding payment for them to be unlocked. The NHS in the UK was particularly badly hit.<\/p>\n
Officials in Britain’s National Cyber Security Centre (NCSC) began their own investigation and concluded their assessment in recent weeks.<\/p>\n
The ransomware did not target Britain or the NHS specifically, and may well have been a money-making scheme that got out of control, particularly since the hackers do not appear to have retrieved any of the ransom money as yet.<\/p>\n
Although the group is based in North Korea the exact role of the leadership in Pyongyang in ordering the attack is less clear.<\/p>\n
Private sector cyber-security researchers around the world began picking apart the code to try to understand who was behind the attack soon after.<\/p>\n
Adrian Nish, who leads the cyber threat intelligence team at BAE Systems, saw overlaps with previous code developed by the Lazarus group.<\/p>\n
“It seems to tie back to the same code-base and the same authors,” Nish says. “The code-overlaps are significant.”<\/p>\n