UK working to restore hospital systems after cyberattack

Monday, 15 May, 2017

Europol says ransomware attack has hit more than 100,000 organizations in 150 countries.

"We could potentially see copycats mimic the delivery or exploit method they used", he said.

"The problem is the larger organizations are still running on old, no longer supported operating systems", said Lawrence Abrams, a New York-based blogger who runs BleepingComputer.com.

WannaCry exploited a vulnerability to spread itself across networks, a rare and powerful feature that caused infections to surge on Friday.

A red-coloured "critical alert" has been issued by the Computer Emergency Response Team of India (CERT-In), the nodal agency to combat hacking, phishing and to fortify security- related defences of the Indian Internet domain.

The NSA did not respond to a request for comment.

The identity of the Shadow Brokers is not known, though many security researchers say they believe they are in Russian Federation, which is a major source of ransomware and was one of the countries hit first and hardest by WannaCry.

A British cyber expert has been hailed an "accidental hero" after he stopped the spread of a global virus that brought chaos to networks around the world. "The only sensible way to tackle it is to "pull the plug" so that it can't spread any more until you can isolate the affected machines and work out a remediation plan".

Experts say his discovery did not fix the damage done by the ransomware, but has stopped it from spreading to new computers.

NHS Digital, which oversees hospital cybersecurity, says the attack used the Wanna Decryptor variant of malware, which holds affected computers hostage while the attackers demand a ransom. The researcher, however, warned in a blogpost [ncsc.gov.uk] that the hackers could alter the code and try again.

"The numbers are still going up", he said.

"There were the same attacks applied to Nissan on Friday and in other areas of the economy and indeed around the world", Fallon said.

Fellow security researcher Darien Huss, from tech firm Proofpoint, echoed MalwareTech's view.

French carmaker Renault was forced to stop production at sites in France and Slovenia, saying the measure was aimed at stopping the virus from spreading.

In Britain, the attack disrupted care at National Health Service facilities, forcing ambulances to divert and hospitals to postpone operations.

Meanwhile, Home Secretary Amber Rudd said Hunt had told health trusts to upgrade their software and majority had.

German rail operator Deutsche Bahn said some electronic signs at stations announcing arrivals and departures were infected.

Chinese media reported Sunday that students at several universities were hit, blocking access to their thesis papers and dissertation presentations.

In the United States, FedEx acknowledged it had been hit by malware and was "implementing remediation steps as quickly as possible". In Spain, major companies including telecommunications firm Telefonica were infected.

"Whoever these people are, they are criminals and not to be trusted", he said.

As of this point, nobody knows who is behind the ransomware attack, but one thing authorities know for sure is the fact that the tools that were made public by Shadow Brokers.

The ransomware attack is at "unprecedented level and requires global investigation", Europol, the European Union's law enforcement agency, said on Twitter.

In a statement provided to HuffPost Australia on Sunday, Special Adviser to the Prime Minister on Cyber Security Alastair MacGibbon said, overall, "Australia has not been significantly affected" by the attack, although there are reports of other businesses being targeted.