Users must guard against the cyberattack

Nichole Vega
May 13, 2017

The most disruptive attacks were reported in Britain, where hospitals and clinics were forced to turn away patients after losing access to computers on Friday.

The IT systems of NHS sites across the country appear to have been simultaneously hit, with a pop-up message demanding a ransom in exchange for access to the PCs.

NHS Digital said in a statement: "The investigation is at an early stage but we believe the malware variant is Wanna Decryptor".

"Unlike most other attacks, this malware is spreading primarily by direct infection from machine to machine on local networks, rather than purely by email", Lance Cottrell, chief scientist at the USA technology group Ntrepid.

British based cyber researcher Chris Doman of AlienVault said the ransomware "looks to be targeting a wide range of countries", with preliminary evidence of infections from 14 countries so far, also including Russia, Indonesia and Ukraine.

"We are now seeing more than 75,000 detections.in 99 countries", Jakub Kroustek of the security firm Avast said in a blog post around 2000 GMT.

The broad based ransomware attack has appeared in at least eight Asian nations, a dozen countries in Europe, Turkey and the United Arab Emirates and Argentina and appears to be sweeping around the globe, researchers said.

Alan Woodward, visiting professor of computing at the University of Surrey, said there was evidence the ransomware was spreading using a Microsoft flaw exposed in a recent leak of information from USA intelligence agencies.

A Blackpool CCG spokesman confirmed to the BBC that the attack had shut down the majority of their systems, affecting GPs, hospitals and walk-in centres.

Volk added that ministry experts are now working to recover the system and do necessary security updates.

The ransomware encrypts data on the computer using an encryption key that only the attacker knows.

Spanish telecommunications company Telefonica was among the many targets in Spain, Portugal Telecom and Telefonica Argentina were also targeted.

Ransomware is malicious software that infects machines, locks them by encrypting data and then extorts money to let users back in.

The attack is causing canceled procedures and appointments at hospitals across England.

This is screengrab taken from the website of the East and North Hertfordshire NHS trust as Britain's National Health Service is investigating "an issue with IT" Friday May 12, 2017.

NHS Digital says 16 NHS organizations report being hit.

Another NHS Trust in Derbyshire tweeted: "We are aware of a major IT secure system attack".

Russian telecom operator MegaFon said it had also been victim of a cyber attack on Friday that interrupted the work of its call centres.

Across the US federal government, about 90 percent of all spending on cyber programs is dedicated to offensive efforts, including penetrating the computer systems of adversaries, listening to communications and developing the means to disable or degrade infrastructure, senior intelligence officials told Reuters in March.

Romania's intelligence service says it has intercepted an attempted cyberattack on a government institution which it said likely came from cybercriminal group APT28 also known as Fancy Bear.

A spokesman for Barts Health NHS Trust in London said it was experiencing "major IT disruption" and delays at all four of its hospitals.

The emergencies ministry told Russian news agencies it had repelled the cyberattacks while Sberbank said its cyber security systems had prevented viruses from entering its systems.

Reuters reported that employees of Britain's National Health Service (NHS) were warned about the ransomware threat earlier today.

"Otherwise, such an attack can be technically un-investigable", the statement said.

Other reports by AllAboutTopnews

Discuss This Article

FOLLOW OUR NEWSPAPER