Our coronavirus coverage is free for the first 24 hours. Find the latest information at Please consider subscribing or donating.

  1. Nation & World

Britain says N. Korea was behind cyberattack on health service

Britain believes "quite strongly" that North Korea was behind the "WannaCry" cyberattack in May that wreaked havoc on the National Health Service's computer systems and spread to more than 150 countries, a senior official said on Friday.

The minister of security, Ben Wallace, told the BBC that several other countries had concluded the same thing: North Korea unleashed "ransomware" that buffeted institutions including universities in China, rail systems in Germany and the Russian Interior Ministry.

"This attack, we believe quite strongly, came from a foreign state," he said. "North Korea was the state that we believe was involved this worldwide attack."

Wallace declined to elaborate on the evidence that had led to the conclusion. "I can't obviously go into the detailed intelligence, but it is widely believed in the community and across a number of countries that North Korea had taken this role," he said.

The cyberattack on May 12, which struck thousands of computers around the word, was the largest ever to hit the NHS. The cyberattackers exploited gaps in the security of Windows XP to send malicious software by email that locked users out of their computer systems.

They encrypted the information on them and then demanded payment of $300 or more in bitcoin to unlock the devices.

In Britain, the attack resulted in the abrupt cancellation of patients' operations and delays in medical appointments at dozens of hospitals that struggled to retrieve essential medical information and patient histories.

Britain's National Audit Office said Friday that at least 6,900 appointments had been canceled during the attack, which affected more than one-third of England's 236 NHS trusts. Up to 19,000 appointments may have been affected, it said.

Hospital authorities have said that no patient data was compromised or stolen during the attack. But it had particular resonance in Britain where the NHS, though chronically underfunded, is a vaunted part of the nation's identity.

Wallace warned that it was difficult to respond to a cyberattack committed by a "hostile state." North Korea, which has ambitions to develop a nuclear weapon and has been repeatedly testing missiles despite international sanctions, has also proved adept at sowing havoc through cyberattacks.

"North Korea has been potentially linked to other attacks about raising foreign currency," he said, in an apparent reference to an attack last year in which North Korean hackers tried to steal $1 billion from the New York Federal Reserve, and almost succeeded before being stopped by a spelling error.

The North has an army of 6,000 hackers, and experts in Britain and the United States say their ability to wage effective cyberattacks has improved. In 2014, the country unleashed a cyberattack against Sony Pictures aimed at blocking the release of a satirical film deemed disrespectful of its leader, Kim Jong Un.

Wallace said it was imperative for Britain to reinforce its efforts to defend against future attacks. "It's a salient lesson for us all that all of us, from individuals to governments to large organizations, have a role to play in maintaining the security of our networks," he said.