N. Korean Hackers Plan to Devastate UK

Hacking groups linked to North Korea will continue to devastate the UK with major cyberattacks over the next year, former GCHQ director Robert Hannigan has warned.

Referencing WannaCry, a malware outbreak which has been linked to the rogue state, the ex-spy chief said there will be "more collateral damage and more unintended consequences."
"The technical sophistication of the threats is going to get worse, without question," Hannigan said during a recent FT cybersecurity summit in the heart of London. "We'll see more ransomware, we'll see a greater scale of attacks," he added.

WannaCry, a rapidly-spreading form of ransomware, emerged back in May and eventually affected hundreds of thousands of computers in 150 countries.

In the UK, the National Health Service (NHS) was hit in the cyber-assault. It was not specifically targeted, but instead was a victim of what Hannigan branded "collateral damage."

According to data released by the National Audit Office (NAO), nearly 20,000 appointments were disrupted by the incident. An independent audit found "basic IT procedures" could have halted the hack. 

Hannigan voiced concern about the overlap of state and crime in cyberspace. He noted: "The critical thing is that there are players out there now behaving badly enough not really to care.
"Either because they don't have a stake in the international system, or they have a stake but actually, that's a threshold of damage that they can live with in order to deliver whatever effect they want to deliver. And they would expect the rest of the world just to live with that.

"I think we will see more of that - more collateral damage and more unintended consequences."

While attribution will never be 100% concrete, a clandestine unit known as "Lazarus Group" was linked to the WannaCry outbreak by similarities in hacking tools spotted in other incidents.

UK security minister, Ben Wallace, told the BBC in October the government "quite strongly" believed North Korea was responsible for the cyberattack on the healthcare system.
"I obviously can't go into the detail of intelligence, but it is widely believed in the community and across a number of countries that North Korea had taken this role," he said.
Hannigan quit as GCHQ chief in January this year, citing personal reasons. In September, it emerged he had been appointed as cybersecurity advisor to insurance firm Hiscox UK and Ireland. However, his stance on hacking has been echoed by those still working for the government.

In late October, National Cyber Security Centre (NCSC) chief Ciaran Martin warned that he expected a "significant scale attack" on the UK is likely to take place in the coming years.
"WannaCry was really a reasonably sophisticated tool, used rather ineptly," he commented.
"They will learn from that. People always do. They will get better at using those tools, and there are far more sophisticated tools out there, and they will start to use them." 

He added: "If you look at the NHS, nobody would seriously believe that the North Koreans wanted to attack the NHS, and not least because they were never going to pay a ransom."

IBTimes:

You Might Also Read: 

N.Korea Will Target UK Financial Services:

Former Spy Chief Takes Top Cybersecurity Job:

Director's Departure Leaves A Big Hole At GCHQ:

Spying On You In Britain:
 

« When Guns And AI Work Together
Computers Say ‘No’ But AI’s Decisions Must Be Fair & Transparent »

ManageEngine
CyberSecurity Jobsite
Check Point

Directory of Suppliers

Tines

Tines

The Tines security automation platform helps security teams automate manual tasks, making them more effective and efficient.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

JumpCloud

JumpCloud

JumpCloud's Directory-as-a-Service (DaaS) is the single point of authority to authenticate, authorize, and manage the identities of a business’s employees and the systems and IT resources they need.

Intercede

Intercede

Intercede is a cybersecurity company specializing in digital identities, derived credentials and access control, enabling digital trust in a mobile world.

Qualys

Qualys

Qualys is a pioneer and leading provider of cloud security and compliance solutions.

CERT.BY

CERT.BY

The National Computer Emergency Response Team of the Republic of Belarus.

Backup Systems

Backup Systems

Backup Systems is a leading backup and disaster recovery systems provider across the UK.

Foundation Futuristic Technologies (FFT)

Foundation Futuristic Technologies (FFT)

FFT is a global leader in computer forensics and digital investigation solutions.

BTWorks

BTWorks

BTWorks provides identity management and anti-phishing / smishing solutions for web and mobile apps.

Redborder

Redborder

Redborder is an Open Source network visibility, data analytics, and cybersecurity Big Data solution that is scalable up to the needs of enterprise networks and service providers.

RCDevs

RCDevs

RCDevs is an award-winning Software company providing security solutions designed for modern enterprise technologies and suited for SMEs to large corporations.

Startupbootcamp Fintech & Cybersecurity

Startupbootcamp Fintech & Cybersecurity

Startupbootcamp is the world’s largest network of multi-corporate backed accelerators helping startups scale internationally.

Blacksands

Blacksands

Blacksands is a leader in network architecture, identity & services management, threat analysis, industrial IoT architecture, and invisible dynamic networks.

CDS

CDS

CDS is a strategic change agency enabling organisations and businesses to create and build better services to meet the evolving needs of customers, employees and citizens.

Technology Innovation Institute (TII)

Technology Innovation Institute (TII)

TII is a UAE-based research center that aims to lead global advances in AI, robotics, quantum computing, cryptography and secure communications and more.

Hexiosec

Hexiosec

Hexiosec (formerly Red Maple Technologies) is a technical consultancy and product company founded and run by engineers from the UK Intelligence and Defence communities.

Fairly AI

Fairly AI

Fairly AI is on a mission to democratize safe, secure, and compliant AI across the enterprise.

Atlantica Digital

Atlantica Digital

Atlantica design and create highly innovative software solutions and solid, scalable and secure IT infrastructures for a constantly evolving market.