United Kingdom working to restore hospital systems after cyberattack

The Latest: Cyberattack hit German rail schedule boards

The Latest: Cyberattack hit German rail schedule boards

Experts say the virus, called Wanna Decryptor, exploits a vulnerability in Microsoft Windows software that was first identified by American spies at the NSA.

Ross Anderson, professor of security engineering at Cambridge University's computer lab, said the incident is the "sort of thing for which the secretary of state should get roasted in Parliament".

"For those organizations who have not yet applied the security update, we suggest you immediately deploy Microsoft Security Bulletin MS17-010".

Ransoms paid so far amount to only tens of thousands of dollars, one analyst said, but he predicted they would rise.Companies rushed to protect Windows systems with patches that Microsoft released last month and on Friday.

Mikko Hypponen, chief research officer at the Helsinki-based cyber security company F-Secure, told AFP that the attack was "the biggest ransomware outbreak in history", saying that 130,000 systems in more than 100 countries had been affected. "We absolutely anticipate that this will come back", said Patrick McBride, an executive with cyber-security firm Claroty.

"At this stage we do not have any evidence that patient data has been accessed". Both said Russian Federation was hit hardest.

Home Secretary Amber Rudd said work was ongoing to identify the attackers, and that no patient data had been stolen.

The attacks hit a whole range of organisations and businesses worldwide.

Telefónica: Spanish authorities confirmed the Spanish telecom company Telefónica was one of the targets, though the attack affected only some computers and did not compromise the security of clients' information.

16 organizations were affected as of 15:30, the NHS statement said.

"Because WannaCrypt used a single hardcoded domain, my registration of it caused all infections globally to believe they were inside a sandbox. thus we initially unintentionally prevented the spread", the researcher said, humbly and anonymously, in his blog post.

"This is not targeted at the NHS, it's an global attack and a number of countries and organisations have been affected", British Prime Minister Theresa May said.

A Renault UK spokesman said: "Groupe Renault confirms it was impacted by the global cyber attack that began late on Friday May 12".

It is understood that several health trusts turned their computer systems off as a precautionary measure, rather than being shut down by the attack.

In Spain, the attacks did not disrupt the provision of services or networks operations of the victims, the government said in a statement.

The ransomware encrypted data on the computers, demanding payments of US$300 ($437).

Outside the Royal London Hospital, wheelchair-bound patient Richard Harvey spoke of his disappointment as he wheeled himself home after waiting all day for a procedure that was eventually postponed.

The security holes it exploits were disclosed weeks ago by TheShadowBrokers, a mysterious group that published what it said are hacking tools used by the NSA.

Britain's opposition Labour Party said the attack on English hospitals showed the need to place cyber security at the heart of government policy.

The agency has not responded to requests for comment.The identity of the Shadow Brokers is not known, though many security researchers say they believe they are in Russian Federation, which is a major source of ransomware and was one of the countries hit first and hardest by WannaCry.

She said all but six trusts were now running as normal after experts had been working around the clock to restore systems.

Notícias recomendadas

We are pleased to provide this opportunity to share information, experiences and observations about what's in the news.
Some of the comments may be reprinted elsewhere in the site or in the newspaper.
Thank you for taking the time to offer your thoughts.