NHS cyber attack ‘was carried out by North Korea with same cyber-hackers who targeted Sony in 2014’

NORTH Korea carried out the crippling NHS cyber attack last month, British security officials claim.

It’s thought hackers from a group named Lazarus launched the unprecedented global attack in May – two years after apparently targeting Sony Pictures, according to the BBC.

PA:Press Association

Security officials say the cyber attack was the work of North Korean hackers

It hit more than 200,000 victims including a fifth of NHS trusts as hackers demanded a ransom payment.

Following an international investigation by Britain’s National Cyber Security Centre, officials claim it was carried out by North Korea.

Adrian Nish, who leads the cyber threat intelligence team at BAE, saw overlaps with previous code developed by the Lazarus group.


‘How many children died?’

Sadiq Khan is confronted by seven-year-old boy as furious locals demand answers about who’s to blame for tower blaze

hero of grenfell tower

Hero neighbour catches four-year-old girl thrown by mum from the 5th floor seconds before flat was engulfed in flames


Man filmed romping with woman in front of passengers on Ryanair flight was ‘cheating on his pregnant fiancée who was waiting at home’


Italian couple’s heartbreaking final phone call as fire crept into their home on 23rd floor – as hopes fade for Grenfell Tower missing

‘i knew so many of the dead’

Owner of Grenfell Tower flat where fire started tells of agony with fears  death toll will pass 100

‘turning on taps saved us’

Family made miraculous escape from tower block after mum used bath to flood flat

He said: “It seems to tie back to the same code-base and the same authors.

“The code-overlaps are significant.”

The NHS is thought to be one of the first victims of the attack, which started in the UK and Spain before spreading around the world.

PA:Press Association

Ransomware, which locks computers until a $300 (£230) payment is made, crippled 47 NHS trusts in England and 13 in Scotland

Seven of the 47 NHS England trusts that were hit — a fifth of the service — are still seriously affected, while 13 trusts in Scotland also suffered.

Staff were forced to cancel or postpone operations and appointments as several hospitals and GPs surgeries were crippled by the hack.

At the time government security minister  Ben Wallace said a virus delivered from a single email was the “most likely form of delivery” for the cyber attack.

It seems to tie back to the same code-base and the same authors.

Adrian Nishleads the cyber threat intelligence team at BAE

“These type of ransomwares are usually effectively disguised”, he said.

“They come in on what looks like a routine email from a friend or somebody else.”

He added that the ransomware, named WannaCry, is specifically designed to target some Windows operating systems.

“That meant that it spread incredibly quickly across any organisation that has a large network”, he said.

“Of course, the NHS has a very large network where the computers are on all the time, allowing it to get that momentum.”

Security Minister Ben Wallace said ransomware may have spread through NHS systems after being opened from a single email

Ransomware attacks infect computers, blocking access to files and demanding a $300 (£230) payment to unlock them again.

Expert James Scott told The Sun: “They knew they were a target.”

NHS braced for possible repeat of cyberattack chaos as people return to work

Do you have a story for The Sun Online news team? Email us at tips@the-sun.co.uk or call 0207 782 4368