The security minister has blamed North Korea for the huge cyber attack on the NHS, after a report blamed the Government for failing to properly prepare for it.
Ben Wallace told The Today Programme he “quite strongly” believed the Kim Jong-Un regime was behind the attack, as he agreed with the National Audit Office’s (NAO) conclusion that it could have been avoided if the NHS had taken “basic” security precautions.
The WannaCry virus hit computers in May, as part of a global attack, and displayed a ransom message demanding money in exchange for the return of the data and records within it.
Around 19,000 operations were cancelled, the NAO said, and one expert told HuffPost its report showed the attack was “perfectly avoidable”.
Five hospital trusts had to divert patients to other A&E departments and another two needed outside help to continue treating patients.
“We believe quite strongly this came from a foreign state,” Wallace said.
“We can be as sure as possible but I can’t go into the detail of intelligence et cetera but it is widely believed across the community of countries.”
When host John Humphrys asked whether he had put this to the North Korean regime, Wallace said: “I haven’t asked. I think they’re busy testing missiles.”
Wallace added the attack was “a salient lesson for us all that all of us, from individuals to governments to large organisations, have a role to play in maintaining the security of our networks”.
He said attempted cyber attacks happened were happening “on a weekly basis” by criminals and foreign states.
He said nine out of 10 cyber attacks resulted in an arrest or charge but added: “When it comes to a hostile state, the idea we’re going to be able to follow a criminal justice outcome is more challenging.”
Humphrys asked what Britain would to “fight back” but Wallace said this was unlikely.
The minister said: “But let’s remember we are an open liberal democracy with a large reliance on IT systems. We will obviously have a different risk appetite. If you get into tit for tat there has to be serious consideration of the risk we would expose UK citizens to.”
He added the West needs a “doctrine of deterrent” when it comes to cyber attacks.
A security journalist was annoyed Wallace blamed North Korea while not being asked about the Government giving the NHS the tools to protect itself.
The Today Programme said the Department of Health would not send a health minister on to discuss the attack on air.
The Wannacry attack hit 81 of the 236 local trusts in England, as well as 595 GP practices, despite the fact it was “relatively unsophisticated”, the NAO said in its report published on Friday.
It noted the Department of Health had developed a plan to respond to an attack but failed to test it a local level and the NHS had not rehearsed its response at a national level.
This led to uncertainty as to who would lead the response, the NAO said, noting communications problems, as computers were brought down or shut down as a precaution, meant some NHS staff had to resort to WhatsApp on their personal phones.
The Department of Health had been warned about the threat from cyber attacks a year before and, though NHS Digital had urged NHS to download security patches for Windows software, it had not assessed whether they had complied.
Every trust that was hit was using an unpatched or unsupported version of Windows software, the NAO said.