A North Korean man has been identified as part of a group behind the WannaCry ransomware which caused havoc to the NHS.

US authorities say Park Jin Hyok was part of the state-sponsored “Lazarus Group”, which was allegedly being responsible for hacks on Sony Pictures and the theft of $81m (£62m) from a bank.

The 34-year-old worked “on behalf of the government of North Korea or the Workers’ Party of Korea”, according to US authorities.

Park Jin Hyok

Computers at hospitals and GP surgeries in 48 NHS trusts were frozen last year by the WannaCry ransomware virus – which demanded a bitcoin payment for users to regain access.

Appointments and operations were cancelled and many workers were forced to go back to pen and paper.

NHS computers had their files locked by the ransomware.

The attack did not target the NHS specifically: about 300,000 computers at businesses and organisations in more than 100 countries were affected.

Honda, Renault and Nissan had to stop production at some of their factories after detecting WannaCry.

Britain’s National Cyber Crime Unit said it had obtained critical evidence which was able to link the NHS attack to others already being investigated in the US.

The charges against Park are a “culmination of extended and complex enquiries made by the NCA and law enforcement partners in the US”, said the NCA’s Paul Hoare.

Sony Pictures was targeted in another hack blamed on the North Korean group in 2014.

Confidential employee information, emails and details of some stars’ earnings were revealed in the embarrassing data breach.

The Sony hack was believed to be retaliation for The Interview.

US officials long believed the attack was retribution for The Interview, a comedy starring Seth Rogen and James Franco about a plot to assassinate North Korea’s leader.

The charges against Park allege the group he was involved with were behind several attacks from 2014 until 2018, including a fraudulent transfer of $81m (£62m) from a Bangladeshi bank in 2016.

He has been charged with one count of conspiracy to commit computer fraud, and another count of conspiracy to commit wire fraud.

Originally Reported on Sky News on 10 Sep 2018
https://news.sky.com/story/north-korean-charged-over-cyberattack-that-hit-nhs-hospitals-and-gp-surgeries-11492051