North Korea 'directly responsible' for global WannaCry cyber attack which hit Norfolk hospitals, says USA
PUBLISHED: 08:56 19 December 2017 | UPDATED: 09:04 19 December 2017
The United States has publicly blamed North Korea for the WannaCry cyber attack which hit the James Paget University Hospital (JPUH) in Gorleston.
President Donald Trump’s homeland security adviser, Tom Bossert, said the country was “directly responsible” for the ransomware attack that hit 81 out of 236 NHS trusts in England, plus a further 595 GP practices.
JPUH was one of the hospitals across the country hit, which caused all weekend appointments to be cancelled.
At the Norfolk and Norwich University Hospital there was minor disruption with eight computers affected.
Mr Bossert was writing in the Wall Street Journal as Mr Trump unveiled a new US national security strategy which includes strengthening the country’s cyber defence capabilities.
“After careful investigation, the US today publicly attributes the massive WannaCry cyber attack to North Korea,” the adviser wrote.
“The attack spread indiscriminately across the world in May. It encrypted and rendered useless hundreds of thousands of computers in hospitals, schools, businesses and homes.
“While victims received ransom demands, paying did not unlock their computers. It was cowardly, costly and careless. The attack was widespread and cost billions, and North Korea is directly responsible.”
In October, Home Office minister Ben Wallace said the UK Government believed “quite strongly” that a foreign state was behind the cyber attack and named North Korea.
Pyongyang had been widely blamed for the cyber attack in security circles, and Microsoft’s president, Brad Smith, also pointed the finger at Kim Jong Un’s secretive state.
A National Audit Office (NAO) report released in October found almost 19,500 medical appointments, including 139 potential cancer referrals, were estimated to have been cancelled, with five hospitals having to divert ambulances away after being locked out of computers.
However, the report found the attack could have been prevented if “basic IT security” measures had been taken.
All infected machines were running computer systems - the majority Windows 7 - that had not been updated to secure them against such attacks.
Mr Wallace suggested the attack could have been motivated by an attempt by the economically isolated North Korean state to access foreign funds.