More than 300,000 computers were believed to have been affected around the world
North Korean hackers may have been behind the WannaCry ransomware attack that crippled the NHS last month, British security experts have said.
The National Cyber Security Centre has led an international investigation into the attack, which is estimated to have affected more than 300,000 computers in over 150 countries worldwide.
Security sources at the government body told the BBC that a North Korean outfit called the Lazarus Group may have been behind the attack, which knocked out computer systems at 47 NHS trusts across the country last month
Computers at the trusts showed a message saying their data had been encrypted and it would only be unlocked when they paid a ransom in bitcoins – a digital currency – into a specific account.
The hackers used a piece of software developed by the NSA spy agency in the US to exploit vulnerabilities in the out-of-date Windows XP operating system still widely in use across the NHS despite no longer being supported by manufacturer Microsoft.
It is believed that the attack would have been much worse had a British cyber-security researcher not discovered a secret “kill switch” in the code.
The NCSC concluded that the ransomware did not target Britain or the NHS specifically and may have been a money-making scheme that got out of control.
They highlighted the fact that the hackers have not yet retrieved the money they gathered from the attack as it may make them more vulnerable to detection.