Published: Sat, May 13, 2017
Hi-Tech | By Ellis Neal

Global cyber attack hits at least 99 countries

It is feared computers in A&E wards, GP's surgeries and other vital services across the NHS were infected with a virus based on hacking tools developed by United States cyber warfare agents.

The National Cyber Security Centre (NCSC) said teams were "working round the clock" in response to the attack as it was reported up to 99 countries, including the USA and Russian Federation, were hit.

The head of the UK's cyber security agency said experts were "working round the clock" to restore NHS systems.

Affected by the onslaught were computer networks at hospitals in Britain, Russia's interior ministry, the Spanish telecom giant Telefonica and the U.S. delivery firm FedEx and many other organizations. The interior ministry said about 1,000 computers had been infected but it had localized the virus.

The U.S. Department of Homeland Security said it was sharing information with domestic and foreign partners and was ready to lend technical support.

Jakub Kroustek of the security firm Avast said in a blog post update around 2000 GMT, "We are now seeing more than 75,000 99 countries".

She stressed there was no evidence that patient data had been accessed.

A number of hospitals across 16 trusts in London, Blackburn, Nottingham, Cumbria and Hertfordshire have been affected, resulting in many doctors resorting to pen and paper as phone and IT systems were shut down.

"We are on a downward slope, the infections are extremely few, because the malware is not able to connect to the registered domain", said Vikram Thakur, principal research manager at Symantec.

Meanwhile, a cyber security researcher is believed to have found a "kill switch" to stop the spread of the WannaCry ransomware for the time being.

IT specialists are working to resolve the problem as quickly as possible.

Dickson said the malware itself, which exploits a flaw in Windows, was not new but that adding the ransomware "payload" made it especially unsafe.

The unprecedented attack plunged the health service into chaos, forcing hospitals to cancel and delay treatment. Researchers from various cyber security firms said the hackers, who have not yet identified themselves, made a self-spreading malware by exploiting a piece of NSA code. A ransom note that appeared on users screens demanded money in exchange for accessing their PCs.

"This is not targeted at the NHS, it's an worldwide attack and a number of countries and organisations have been affected", she added.

A hacking group called Shadow Brokers released the malware in April claiming to have discovered the flaw from the NSA, Kaspersky said.

"We were the target of an attack, like what is happening in all of Europe, a large scale-attack, but none of our services were affected", a Portugal Telecom spokeswoman told Reuters.

"The ransomware can spread without anyone opening an email or clicking on a link". In February 2016, a Los Angeles hospital, the Hollywood Presbyterian Medical Center, paid $17,000 in Bitcoin to hackers who took control of its computers for more than a week.

South Korea's Yonhap news agency reported a university hospital had been affected, while a communications official in Indonesia said two hospitals there had been affected.

Like this: