The perpetrators behind the WannaCry cyberattack which badly affected NHS organisations across the UK and Scotland, have been identified by British security officials, according to the BBC.
The National Cyber Security Centre (NCSC) believes that a North Korean hacking group known as Lazarus are behind the attack.
After the cyberattack occurred Lazarus were rumoured to be behind the attack, with many reports pointing towards hacking activity in North Korea. The group is a well-known hacking organisation and is believed to have targeted Sony Pictures in 2014.
The WannaCry attack was a form of ransomware that locked users out of their computers, only allowing them access when a payment was made.
Due to the NHS’ IT infrastructure, the health service was affected particularly badly and 61 trusts were impacted by the attack. Trusts were forced cancel patient appointments and use pen and paper as computers needed to be shut down.
Whilst the NCSC is confident that Lazarus conducted the attack, Pyongyang’s involvement in ordering the attack in uncertain.
On investigating the rumours of Lazarus’ involvement the BBC reported that technology security group BAE, saw overlaps with previous code developed by Lazarus.
Adrian Nish, who works on cyber threat intelligence at BAE said: “It seems to tie back to the same code-base and the same authors. The code-overlaps are significant.”
The attack has raised issues with the NHS’ IT infrastructure and has exposed a lack of investment in the NHS as well as in basic infrastructure and staff training.
Dr Saif Abed, founding partner at health IT consultancy AbedGraham said: “We need to invest consistently in infrastructure and people and processes. That is why we need a forensic inquiry, and one that leads to immediate action, not one that takes two years and then issues a report. If we can pinpoint the problems, we can build a co-ordinated relationship between suppliers, the government and NHS organisations that addresses the problems in a way that meets clinical need.”