Categories: Privacy

Who is Responsible For May’s Ransomware Attacks on the NHS?

Massive global ransomware attacks are not only becoming more common, but far more dangerous, too. In order to protect your devices from these types of threats, make sure that your software is always up to date, and that you install all security patches. You should also regularly scan your device for hidden malware to catch any threats before they become an issue. Click here to use the full virus scan feature to check your device for security threats:


What Was the Ransomware Attack in May?
In May 2017, the WannaCry ransomware attack targeted computers that were running an outdated and unpatched version of Microsoft Windows as their operating system. The hackers encrypted the data so that users could no longer access their data. The hackers then demanded payment through Bitcoin because it’s untraceable. Once the payments were received, the hackers then flipped the “kill switch” for the ransomware and essentially removed it from that device.

Read More: The Rise of Increasingly Sophisticated Ransomware

The WannaCry malware infected over 230,000 computers worldwide. The most critical part of the ransomware attack infected over 70,000 computers in the United Kingdom’s National Health Service (NHS). This was an emergency situation because all of the patients’ data was stored in the computer system, which sent the NHS into chaos. Many of their computers, MRI scanners, and even blood-storage refrigerators had been affected by the ransomware and were compromised by the attacks. The NHS had to start turning away non-critical emergencies, and even some ambulances were diverted.

How WannaCry is Linked to North Korea
After the malware attack had been taken care of, the NSA and the British Security Group investigated the Wannacry ransomware attack. They found that the ransomware was being shared in a way that had similar code to an earlier malware hack that was associated with a North Korean threat group. Once that connection had been made, the NSA kept finding links between the May attack and the 2014 Sony Pictures hack, which was carried out by the Lazarus Group. The 2014 Sony hack released the film The Interview, which focused on a plot to assassinate the North Korean leader.

These connections mean that WannaCry was similar enough to the other Lazarus Group hacks that the NSA and the National Security Centre have linked it to the North Korean hacking group.

Possible Motivations
According to many intelligence experts, North Korean hackers may be working for the government under their intelligence agency. The hackers will earn money from the ransomware attacks by charging people Bitcoin to remove the ransomware. The proceeds from these attacks will then be redirected towards the funding of the North Korean military strategies. This is one of many “self-funding” strategies that North Korea’s intelligence agency uses.

PSafe Newsroom

The dfndr blog is an informative channel that presents exclusive content on security and privacy in the mobile and business world, with tips to keep users protected. Populated by a select group of expert reporters, the channel has a partnership with dfndr lab's security team. Together they bring you, first-notice news about attacks, scams, internet vulnerabilities, malware and everything affecting cybersecurity.

Recent Posts

Vulnerabilities in Cyber Security: what they are and how to fix them?

Learn all about one of the hackers' favorite breach method and keep your company safe…

1 year ago

3 ways to recover deleted photos on Android

Have you ever wondered how to recover deleted photos on Android? After all, the lack…

1 year ago

What is worm?

Digital worms are among the most serious threats in the wild kingdom of the Internet.

2 years ago

Spoofing: What’s it all about?

Spoofing is a fairly sophisticated virtual scam that can fool even the most cautious and…

2 years ago

Careful With That QR Code! Five Steps For QR Code Safety

Five Steps to Reduce QR Code Risk! Step one? Read this article…

2 years ago

Pharming: Phishing’s Nasty Big Brother

Pharming is creating a new, dangerous brand of impostor syndrome. Check how to avoid pharming…

2 years ago