N. Korean Hackers Plan to Devastate UK

Uploaded on 2017-11-21 in INTELLIGENCE--Europe, GOVERNMENT-National, GOVERNMENT-Defence, FREE TO VIEW, INTELLIGENCE-Hot Spots-North Korea, JOBS-Careers, TECHNOLOGY--Hackers

Hacking groups linked to North Korea will continue to devastate the UK with major cyberattacks over the next year, former GCHQ director Robert Hannigan has warned.

Referencing WannaCry, a malware outbreak which has been linked to the rogue state, the ex-spy chief said there will be "more collateral damage and more unintended consequences."
"The technical sophistication of the threats is going to get worse, without question," Hannigan said during a recent FT cybersecurity summit in the heart of London. "We'll see more ransomware, we'll see a greater scale of attacks," he added.

WannaCry, a rapidly-spreading form of ransomware, emerged back in May and eventually affected hundreds of thousands of computers in 150 countries.

In the UK, the National Health Service (NHS) was hit in the cyber-assault. It was not specifically targeted, but instead was a victim of what Hannigan branded "collateral damage."

According to data released by the National Audit Office (NAO), nearly 20,000 appointments were disrupted by the incident. An independent audit found "basic IT procedures" could have halted the hack. 

Hannigan voiced concern about the overlap of state and crime in cyberspace. He noted: "The critical thing is that there are players out there now behaving badly enough not really to care.
"Either because they don't have a stake in the international system, or they have a stake but actually, that's a threshold of damage that they can live with in order to deliver whatever effect they want to deliver. And they would expect the rest of the world just to live with that.

"I think we will see more of that - more collateral damage and more unintended consequences."

While attribution will never be 100% concrete, a clandestine unit known as "Lazarus Group" was linked to the WannaCry outbreak by similarities in hacking tools spotted in other incidents.

UK security minister, Ben Wallace, told the BBC in October the government "quite strongly" believed North Korea was responsible for the cyberattack on the healthcare system.
"I obviously can't go into the detail of intelligence, but it is widely believed in the community and across a number of countries that North Korea had taken this role," he said.
Hannigan quit as GCHQ chief in January this year, citing personal reasons. In September, it emerged he had been appointed as cybersecurity advisor to insurance firm Hiscox UK and Ireland. However, his stance on hacking has been echoed by those still working for the government.

In late October, National Cyber Security Centre (NCSC) chief Ciaran Martin warned that he expected a "significant scale attack" on the UK is likely to take place in the coming years.
"WannaCry was really a reasonably sophisticated tool, used rather ineptly," he commented.
"They will learn from that. People always do. They will get better at using those tools, and there are far more sophisticated tools out there, and they will start to use them." 

He added: "If you look at the NHS, nobody would seriously believe that the North Koreans wanted to attack the NHS, and not least because they were never going to pay a ransom."

IBTimes:

You Might Also Read: 

N.Korea Will Target UK Financial Services:

Former Spy Chief Takes Top Cybersecurity Job:

Director's Departure Leaves A Big Hole At GCHQ:

Spying On You In Britain:
 

« When Guns And AI Work Together
Computers Say ‘No’ But AI’s Decisions Must Be Fair & Transparent »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Trust Guard

Trust Guard

Trust Guard services provide complete security for your website.

MBL Technologies

MBL Technologies

MBL Technologies specializes in information assurance, enterprise security, privacy, and program/project management.

Slovak National Accreditation Service (SNAS)

Slovak National Accreditation Service (SNAS)

SNAS is the national accreditation body for Slovakia. The directory of members provides details of organisations offering certification services for ISO 27001.

Euro-Recycling

Euro-Recycling

Euro-Recycling is a leading UK provider of Secure On-Site Data Media Destruction Services.

CSC Digital Brand Services

CSC Digital Brand Services

Our brand protection and security expertise give our customers peace of mind that no matter how fast the digital world changes, their intellectual property and digital assets will be secure.

AlertFusion

AlertFusion

AlertFusion is a platform that makes security operations more effective. It complements existing tools and technologies, unifies operations, enhances process maturity and drives efficiencies.

TAG Cyber

TAG Cyber

TAG Cyber's mission is to provide world-class cyber security research, advisory, and consulting services to enterprise security teams around the world.

Madrona Venture Group

Madrona Venture Group

Madrona Venture Group invests in seed and early-stage technology companies in areas including cybersecurity.

C3i Hub

C3i Hub

C3i Hub aims to address the issue of cyber security of cyber physical systems in its entirety, from analysing security vulnerabilities to developing tools and technologies.

North East Business Resilience Centre (NEBRC)

North East Business Resilience Centre (NEBRC)

The North East Business Resilience Centre is a non-profit organisation here to support businesses in the North East of England in protecting themselves from cyber crimes and fraud.

Terra Quantum

Terra Quantum

Terra Quantum is a deep tech pioneer, developing revolutionary quantum applications to shape the technology of the future.

Q5id

Q5id

At Q5id, we prove that your customers' digital identity and real-world identity are the same, our verification and authentication solution delivers a Proven and Secure digital identity for everyone.

Orchestrate Technologies

Orchestrate Technologies

Orchestrate Technologies provides computer network and IT managed services for small and mid-market clients as well as small enterprise businesses.

When Group

When Group

World Health Energy Holdings, Inc. (d/b/a WHEN Group) is a High Tech Holding Company that specializes in the Cyber, Security and Telecom area.

Redblock

Redblock

Redblock's mission is to eliminate the drudgery and repetitive 'eye on the glass' work done by Security Teams.

ZIUR Industrial Cybersecurity Center

ZIUR Industrial Cybersecurity Center

ZIUR is a public initiative to help industrial companies reinforce their protection and that of their products or services against cyberattacks.