The British government has admitted that it is “as sure as possible” that North Korea carried out the “WannaCry” malware attack which devastated NHS IT systems in May.
A report released by the National Audit Office (NAO) on Friday found that hospital trusts were left vulnerable to the attack because basic recommendations on cybersecurity were not followed.
Speaking on the BBC’s Today programme, the security minister Ben Wallace said the government now believes a North Korean hacking group was responsible, but stopped short of suggesting the UK could carry out retaliatory attacks.
“This attack, we believe quite strongly that this came from a foreign state,” said Wallace. Adding that the state involved was “North Korea”, he said: “We can be as sure as possible. I obviously can’t go into the detail of intelligence, but it is widely believed in the community and across a number of countries that North Korea had taken this role.”
Asked what the UK could do in response to the attack, the minister admitted that it would be “challenging” to arrest anyone when a “hostile state” was involved.
Instead, he called on the West to develop a “doctrine of deterrent” similar to that used to prevent the use of nuclear weapons. “We do have a counter attack capability,” he said. “But let’s remember we are an open liberal democracy with a large reliance on IT systems. We will obviously have a different risk appetite. If you get into tit for tat there has to be serious consideration of the risk we would expose UK citizens to.”
North Korea has already been widely accused of being responsible—a charge the country has denied. Wallace’s remarks also echo statements made this month by Microsoft President Brad Smith, who said, “I think at this point that all observers in the know have concluded that WannaCry was caused by North Korea using cyber tools or weapons that were stolen from the National Security Agency in the United States.”
Earlier, an independent investigation concluded that the cyber-attack which crippled parts of the NHS could have been prevented if “basic IT security” measures had been taken.
The head of the NAO warned the health service and Department of Health to “get their act together” in the wake of the WannaCry crisis, or risk suffering a more sophisticated and damaging future attack.
The NAO’s probe found that almost 19,500 medical appointments, including 139 potential cancer referrals, were estimated to have been cancelled, with five hospitals having to divert ambulances away after being locked out of computers on 12 May.
In total, more than 300,000 computers in 150 countries were infected with the WannaCry ransomware.