back to article UK.gov joins Microsoft in fingering North Korea for WannaCry

The UK government has joined Microsoft in blaming North Korea for the WannaCry ransomware attack. Security minister Ben Wallace appeared on BBC Radio4's flagship Today programme on Friday morning to blame North Korea for the infamous ransomware attack that disrupted the operation of one in three NHS Trusts in England as well …

  1. Stuart 22

    Downgrade to XP

    "Windows XP machines crashed rather than becoming infected when subjected to WannaCry. Unpatched Windows 7 machines were a far more important factor, it transpired"

    I had never thought of BSOD as malware protection before ... maybe they should re-brand it as DefenderPlus.

    1. x 7

      Re: Downgrade to XP

      "Windows XP machines crashed rather than becoming infected when subjected to WannaCry. Unpatched Windows 7 machines were a far more important factor, it transpired"

      Anyone in the know would say.......total bollox

      If it was true, then why was I running round for months after, urgently replacing WinXP systems?

      To be truthful, there were a number of issues at play

      Out of date antivirus software (in many cases with expired support)

      A failure to maintain update/patch installation. Many machines hadn't seen an update in years.

      Failure to track machine locations, so even if they were identified as requiring work, they couldn't be found.

      Windows XP....

      And the biggest one of all.......out of date / unprotected server operating systems. Most servers were 2003, or the original version of 2008, so just as vulnerable as XP. And they were where all the data was, and they were what needed restoring from backups.

      Desktop PCs were (in the main) trivial, as they either retrieved data from servers, or used cloud data services (such as Emis Web) or simply brought up hosted virtualised desktops from remote servers. No data to worry about - quick reboot/reimage and they were back online

      There were a handful of dedicated systems e.g. car parks, security cameras, diagnostic screening systems, NMR machines and the like, but as a rule they were physically sandboxed from the main network

      But to reinterate.......XP and the servers were the two real problems

      I'll have to pop in and see Wallace while I'm on the way home and explain things to him, though the local gossip is that he never listens to the truth

      1. Anonymous Coward
        Anonymous Coward

        Re: Downgrade to XP

        XP was not responsible, whilst it could get infected, it failed in spreading it around your network.

        Windows 7,8,8.1 and 10 were far more efficient at spreading wannacry. That is fact....

      2. Amos1

        Re: Downgrade to XP

        "If it was true, then why was I running round for months after, urgently replacing WinXP systems?"

        Umm, didn't you answer that question with the remainder of your post? :-)

      3. patrickstar

        Re: Downgrade to XP

        XP was definitely vulnerable, but as I've understood it the specific exploit used in WannaCry didn't work reliably against it. So usually it ended up bugchecking XP boxes instead of compromising them.

        So you still have to migrate off XP, disable SMB, and/or patch them somehow before someone else comes around with an exploit for XP.

        I suspect the confusion is because it didn't ALWAYS fail against XP, but worked against SOME of them while working against (almost?) ALL Win7 boxes.'

    2. Anonymous Coward
      Anonymous Coward

      Am I understanding this right?

      They are effectively saying that "it wasn't our fault, the attacker was really good and a nation state" for being pwned through an exploit that was fixed months previously on supported OS-es, and they were running an OS that was EOL-ed years before?

      Call me cynical, but this sounds like an attempt at smokescreening to save what's left of the face.

      1. tfewster
        Facepalm

        Re: Am I understanding this right?

        > Wallace went on to say that North Korea had linked to other attacks aimed at raising foreign currency...

        In which case they would have had no fears about emptying the accounts of the money raised - IIRC correctly, those accounts were abandoned as too hot to touch?

        > Redmond's president went on to that Microsoft was not to blame for the infection of systems using older operating systems, such as Windows XP...

        Did he just accept responsibility for the Windows 7 machines that DID get infected? Sure, they released a patch AFTER the NSA exploit got leaked, but how long had they known about it?

    3. macjules

      Re: Downgrade to XP

      We need to teach these pesky East Asians a lesson in good British fair play. As a result we should exclude North Korea from ever being able to buy British exports such as toy London buses, plastic policeman helmets or commemorative pictures of Boris Johnson in his best 'crikey chaps' pose.

      That'll teach 'em!

  2. batfink
    Mushroom

    "All observers in the know"

    "Smith said "all observers in the know"" agree it was the Norks... FFS!!! Every bloody time we get the same infantile bullshit.

    I'm sorry, Mr Smith, but if you have some actual evidence then present it. Otherwise STFU.

    </rant>

    1. Anonymous Coward
      Anonymous Coward

      Re: "All observers in the know"

      We should wonder just how much Microsoft paid for that support to their aim to get everyone using win 10.

    2. Camilla Smythe
      Trollface

      Re: "All observers in the know"

      Oooooooo... Look at you. Knickers all in a twist. Guess you were not in the know then.

    3. Anonymous Coward
      Anonymous Coward

      Re: "All observers in the know"

      Logical fallacy commonly referred to as "no true Scotsman / all true Scotsmen".

  3. tiggity Silver badge

    I blame

    Microsoft.

    For not really getting their act together on OS security, even though they have had many years, & who knows how many billions of customer cash, to achieve even a hint of vaguely secure software.

    And fotr "retiring" operating systems that are still widely used, and doing a nice extortion racket approach on security updates for those systems.

    When something still has many millions of users then deciding to not keep it patched is purely a financial decision, but a morally corrupt one.

    .. Obviously MS have learned, their new tactic is to make their operating systems so unpopular that people will not still be running them years in the future.

    1. JulieM Silver badge

      Re: I blame

      I blame "developers" using a pirated copy of Visual Studio in their back bedrooms to write software which uses, for its own legitimate purposes, the same mechanisms used by malware instead of "proper" system calls. Thus it needs greater access rights than it really should, and won't work on an OS which removes these insecurities.

      Add to that a culture of greed, paranoia and secrecy, where Source Code is jealously guarded rather than treated as just the Advanced Technical Specification of the software, and it's a recipe for disaster. Because anyone who bought software without the Source Code is unable to fix it themself to work with an updated Operating System. Only the original vendor can do that -- and then, only if they still exist, if they still have the code and if they are still willing.

      If those in charge of procurement had only insisted on the complete, annotated Source Code -- which you get anyway, when you are in the habit of not paying for software -- in the first place, then this mess would not exist. For a start, someone would see the homebrew alternatives to proper inter-process communication as officially documented, and -- when they had recomposed themselves, at any rate -- rewrite them properly.

      The very first release of OpenOffice.org (which was formerly a proprietary product) was riddled with schoolkid errors, including a blatant misunderstanding of pointers that prevented it from even building on any architecture with an address bus that was not the same width as a data word. What other horrors might be lurking in proprietary code?

      I'm fiercely proud of the code I write; and I'll gladly dangle it in anyone's face just so they can appreciate how fantastic it is, and feel righteously inferior. Hiding bad code behind a proprietary licence is just cowardice. You aren't going to stop anyone from copying the binaries by caging up the Source Code. All you are doing is making life difficult for everyone downstream. And if you have written the best code, you can't complain about plagiarism; any other solution to the problem would be inferior in some way (slower execution, more memory use, edge-case breakage .....) Programming is mathematics, and the right answer does not belong to anyone.

    2. Amos1

      Re: I blame

      Change that to Microsoft and the NSA and I'll wholeheartedly agree. One doesn't care to write secure code and the other didn't care to secure their code or protect the country they are sworn to defend.

    3. Anonymous Coward
      Anonymous Coward

      Re: I blame

      And fotr "retiring" operating systems that are still widely used, and doing a nice extortion racket approach on security updates for those systems.

      SO MS is suppose to support an OS as long as people use it ? IT's not like they did not give notice intact the even extended life for XP

    4. AlbertH

      Re: I blame

      Microsoft

      ......For deliberately compromising security in favour of "ease of use"....

      ......For still believing that "Security through obscurity" could possibly work...

      ......For failing to patch flaws that had been demonstrated five years ago....

      ......For having the temerity to actually charge money for their "Operating Systems".....

      ......For still existing and being in the pocket of the NSA.....

      1. wallaby

        Re: I blame

        To be honest there are many on here who would look out of the window, see it's peeing down and blame that on Microsoft anyway.

        Simple fact of the matter, you own the PC's, you know the O\S isn't supported, and yet you still have them internet facing and not (at the very least) V'Lan'd off to protect them. I have hundreds of XP machines at all SP levels, because they have to be and I cant upgrade them without spending millions on the kit they are attached to - I wouldn't dream of letting them face out into the big wide world. Critical systems need to be protected, utilities control systems, hospitals, nuclear, all of these need to be on discreet networks that aren't connected to the big wide world - we need to think less of letting our workers access emails or update their Facebook pages and more about protecting our crown jewels - our data and control systems.

    5. patrickstar

      Re: I blame

      You ARE aware that the open source SMB implementation (Samba), has a horrible security history, right? Quite possibly worse than Microsoft's, actually.

  4. Anonymous Coward
    Anonymous Coward

    It's about time, those North Koreans are clearly guilty, I'll list some of their crimes,

    The upturned plug I stood on last night.

    The puncture I got riding my bicycle.

    My cat bringing a dead sheep to the back door.

    I don't have any actual evidence and I can't prove any of these nefarious actions are in fact North Korea but I'm going to blame them anyway and keep blaming them till everyone believes me and everyone else blames them for everything.

    Lamb curry for tea tonight.

    1. Spacedinvader
      WTF?

      "My cat bringing a dead sheep"

      The hell size of cat do you have?!?

      1. Martin Summers Silver badge

        I think he's Lion

        1. Anonymous Coward
          Anonymous Coward

          Easy Tiger.

          1. Rich 11

            To kill the sheep in one bite the cat must have gone for the jaguar.

        2. JJKing
          Facepalm

          Sorry.....

          I think he's Lion

          No, he's telling the truth.

      2. wallaby

        "The hell size of cat do you have?!?"

        you sound scared !!!!

        Pussy !

  5. Anonymous Coward
    Anonymous Coward

    Its no good....

    ...claiming that you know the name of the big fat boy that did it and ran away. What was needed was (and probably still) is to implement basic security measures BEFORE such a simplistic attack happens (or happens again).

    It really doesn't matter who was behind it.

    1. John Brown (no body) Silver badge

      Re: Its no good....

      "It really doesn't matter who was behind it."

      Exactly. Even it was the Norks, what can anyone do about it shy of military strikes? They are already about as isolated by sanctions as it's possible to be. That doesn't leave many options.

      And again, even if it was the Norks, the blame seems to be squarely on a certain US TLA leaving it's secret toys out in the garden for someone else to play with. Someone like the Norks can do this on their own eventually, but it's not nice to give them a helping hand.

  6. Will Godfrey Silver badge
    WTF?

    Wait!

    I thot it was s'posed to be the Ruskies wot dun it.

    1. Chris Miller

      Re: Wait!

      We have always been at war with Eastasia.

  7. DJ2liveUK

    i'm waiting for NoKo to be implicated in the BadRabbit infection this week.

    NoKo public enemy no.1 closely followed by Russiaphobia.

    1. x 7

      "i'm waiting for NoKo to be implicated in the BadRabbit infection this week."

      No BadRabbits in Norkland

      They all got scoffed by Kim Jung Fat

      1. Amos1

        It really was United Airlines. They kill BigRabbits.

  8. Anonymous Coward
    Facepalm

    North Korea to blame for NHS hack?

    I have it on good authority it was albino shape shifting reptiles from a planet in the Draco constellation that did the hacking.

    1. batfink
      Alien

      Re: North Korea to blame for NHS hack?

      I have it on good authority All observers in the know say it was albino shape shifting reptiles from a planet in the Draco constellation that did the hacking

      FTFY.

    2. bombastic bob Silver badge
      Trollface

      Re: North Korea to blame for NHS hack?

      "it was albino shape shifting reptiles from a planet in the Draco constellation"

      it would be MORE FUN to invade NorK and shoot Fatboy in the head, though. Albino shape shifting reptiles just aren't good for target practice.

      trolling, trolling, la-lala-lala [icon]

      1. Anonymous Coward
        Anonymous Coward

        Re: North Korea to blame for NHS hack?

        ooo Bob you iz in trouble now, only gross leaders of repressive countries are allowed to suggest killing people in electronic form.

        You would have been safer suggesting dropping Fatman on them

  9. Jason Bloomberg Silver badge
    Black Helicopters

    The Wheel of Blame

    Iran. Russia. China. North Korea. Wildcard.

    Please remember to spin the wheel every Friday.

    1. Rich 11

      Re: The Wheel of Blame

      Pfft. Any Wheel of Blame which doesn't include 'Meteor showers over Brigadoon on 29th February affected our CAT5' isn't worth having.

  10. Teiwaz

    Whose to blame exactly?

    used exploits created by and leaked from the US National Security Agency

    Whoops!! No one for the west to blame but their own out of control agencies.....again....

    Norks?

    Clearly, brinksmanship at play. Too much heat generated by the magnifying glass pointed at the Russians, time to cool that one off a while...

  11. JJKing
    Coat

    OxyMORON?

    I can’t go into the details of our intelligence

    Is that because they have the same single digit IQ as the Orange Idiot?

    Mine's the one with the Mensa application in the pocket.

  12. Anonymous Coward
    Anonymous Coward

    You have nothing to Fear ...

    ... except government intelligence itself.

    1. TRT Silver badge

      Re: government intelligence

      More oxymorons.

  13. mark l 2 Silver badge

    Or it could have been the US to blame by letting the NSA keep the OS vulnerabilities secret so they could use it as a weapon for its own gains. But of course it then got leaked and used against the general public.

  14. Doctor Syntax Silver badge

    It's far more convenient to blame the Norks, Russkies or whoever than blame MS for building stuff with holes in it and the NSA for not only discovering those holes, not (at least presumably not) feeding the info back to MS, not only that but building exploits for the holes and not only that but also letting the exploits leak out.

    No, nothing to do with MS or the NSA; strictly down to the Norks.

  15. JulieM Silver badge

    Blaming Nation States

    I can only suppose that the reason why it has become fashionable to blame nation state actors for these crimes, is that it's significantly less embarrassing for the software vendors than admitting that their "security" can be breached by some pimply kid in his mother's basement, as well as absolving the purchasers of paying good money for something that turns out not do have done as good a job as something else that could have been acquired ostensibly free (but would require IT staff who actually know their arse from a hole in the ground).

    Is there a country anywhere in the world where it is a legal requirement for every piece of computer software to be supplied with the complete Source Code and build instructions, even if it is sold for money and not intended to be shared downstream?

    Because if there is, I'll wager they have the most manageable situation regarding computer security. Occasional minor panics and patching frenzies whenever a vulnerability is discovered, but nothing really beyond repair. You see, another benefit to mandating software supplied in Source Code form is that there is no reason why a binary compiled on one machine need work on any other, as long as that other machine can compile the same Source Code into a binary that it can run. This diversity helps create a natural barrier against the spread of malware.

    Enforcing that no computer be able to run code compiled for any other computer probably would be a step too far; but requiring universal user access to Source Code seems eminently sensible and without any valid contra-indication.

  16. Anonymous Coward
    Anonymous Coward

    Microsoft is responsible

    A swiss cheese OS that gets infected by thousands of virus just browsing the web. Backed up by an ecosystem of developers who buy into MS bullshit, and for complete self-interests collude to block the development an alternative for the NHS et al. “I refuse to develop for Unix because it means I would have to publish my proprietary source code” er no.

  17. jms222

    I don't think many people understand what it means to build a dedicated piece of equipment to outlive operating system releases. You can't just update the whole OS. Even security updates can be problematic and stop anyway after a few years.

    What you _can_ do however is employ firewalls and proxies to handle iffy protocols such as SMB/CIFS and the latter can be updated relatively easily.

    The fault lies with the people who run the NHS networks.

    Stop blaming East European and Asian countries. Nobody's listening (except a few journalists).

  18. Mahhn

    NSA?

    How does Wannacry go from being based on an NSA created exploit to being NKs fault?

    They forgot to put in some egg to make it all stick.

  19. sloshnmosh

    I'm sure they had evidence of NK at fault....

    They must have found some Korean language in comments of the code variants: http://www.zerohedge.com/news/2017-03-31/wikileaks-reveals-marble-proof-cia-disguises-their-hacks-russian-chinese-arabic

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like