Major Ransomware Attack Hits Thousands Of Systems Worldwide

Adjust Comment Print

British Prime Minister Theresa May says a cyberattack initially believed to be targeting only hospitals in the United Kingdom has now gone beyond, involving potentially dozens of countries.

The attack hit Britain's health service, forcing affected hospitals to close wards and emergency rooms. In most cases, they change the wallpaper of the computer and give specific instructions telling the user how to pay to recover their files. The group said it has recorded more than 45,000 attacks from the ransomware program from 74 countries around the world. CNN has not independently confirmed that number.

Across Britain, as the magnitude of the attack was becoming apparent on Friday afternoon, non-emergency procedures were suspended and ambulances diverted.

First, there were reports of Spain's largest telecom being hit with pop-up windows demanding a $300 ransom to access files. Two security firms - Kaspersky Lab and Avast - said they had identified the malware behind the attack in upward of 70 countries, although both said the attack has hit Russian Federation hardest.

This is not targeted at the NHS, it's an global attack and a number of countries and organisations have been affected.

NHS Digital, which oversees hospital cybersecurity, says the attack used the Wanna Decryptor variant of malware, which infects and locks computers while the attackers demand a ransom.

May says there is no evidence that patient data has been compromised. It said the company was working with its customers to provide additional assistance.

Ransomware attack affects thousands of computers across the world.

Telecommunications giant Telefonica was among many targets in Spain, though it said the attack was limited to some computers on an internal network and had not affected clients or services. They said the system was down and that they can not transfer anyone till the computer system was back up so he is still in the theatre.

Worldwide shipper FedEx, Spanish telecommunications firm Telefonica and Portugal Telecom were affected, while Russian Federation appeared to be the hardest hit.

China's official Xinhua news agency said some secondary schools and universities had been affected, without specifying how many or identifying them.

More news: Miley Cyrus unveils Malibu video complete with new image
More news: Jon Stewart supports Stephen Colbert amid backlash with 'Daily Show' reunion
More news: Celtics run all over Wizards in Game 5

An alleged hacker unconnected to the incident told Sky News the attack could spread to almost every country in the world.

Security experts are still trying to get their arms around the problem.

Ransomware is a type of malware that attempts to extort a computer user for money. Computers that have not installed the patch are potentially vulnerable to the malicious code, according to a Kaspersky Lab blog post on Friday. "The only sensible way to tackle it is to "pull the plug" so that it can't spread any more until you can isolate the affected machines and work out a remediation plan".

NHS Merseyside, which operates a number of hospitals in northwestern England, tweeted, "we are taking all precautionary measures possible to protect our local NHS systems and services".

He added, "It is a frightful lesson about why using supported software, and keeping that software updated, is so important".

The malware is exploiting a flaw in Microsoft software.

"Looking at the trends, it was going to happen", he said.

Senior officials at the "highest levels" of the U.S. government met late Friday to see what, if anything, they could do to stop the attacks and confront the potential for it to proliferate inside the U.S. One official said "American companies may fare better than those overseas because they are better at cyber hygiene".

Hospitals and doctors' surgeries in parts of England were forced to turn away patients and cancel appointments.

The problem is also affecting the switchboard at Newham hospital, Barts said. Some chemotherapy patients were even sent home because their records could not be accessed.