BBC on Europe:
A massive ransomware campaign appears to have infected a number of organisations around the world.
Screenshots of a well known program that locks computers and demands a payment in Bitcoin have been shared online by parties claiming to be affected.
There have been reports of infections in the UK, US, China, Russia, Spain, Italy, Vietnam, Taiwan and others.
Security researchers are linking the incidents together.
One cyber-security researcher tweeted that he had detected 36,000 instances of the ransomware, called WannaCry and variants of that name.
“This is huge,” he said.
The UK’s National Health Service (NHS) was also hit by a ransomware outbreak and screenshots of the WannaCry program were shared by NHS staff.
Spain said on Friday a large number of companies, including telecommunications giant Telefonica (TEF.MC), had been infected with malicious software known as “ransomware” which locks up computers and demands ransoms.
The hacking was carried out as hospitals and doctors’ surgeries in England were forced to turn away patients and cancel appointments on Friday after a ransomware attack crippled some computer systems in the state-run health service.
Portugal Telecom was also hit by a cyber attack but no services were impacted, a spokeswoman for the company said.
It’s been a matter of weeks since a shady hacker crew called Shadow Brokers dumped a load of tools believed to belong to the National Security Agency (NSA). It now appears one leaked NSA tool, an exploit of Microsoft Windows called EternalBlue, is being used as one method for rapidly spreading a ransomware variant called WannaCry across the world.
The ransomware has hit UK hospitals hard, with multiple sources reporting closures of entire wards, patients being turned away and some National Health Service (NHS) staff being sent home. Barts Health, a central London NHS trust, advised patients to look for assistance elsewhere and said ambulances were being diverted elsewhere, while another NHS organization said it had to turn away outpatients and limit its radiology services.
Here’s what a London GP sees when trying to connect to the NHS network pic.twitter.com/lV8zXarAXS
— Rory Cellan-Jones (@ruskin147) May 12, 2017
The NHS confirmed 16 NHS organizations had reported that they were hit by the WannaCry ransomware.
But the WannaCry outbreak has hit systems in at least 11 other nations. A security researcher with AVG Avast, Jakub Kroustek, said he’d recorded 36,000 detections of the malware variant today. According to the MalwareHunterTeam, which said WannaCry was “spreading like hell,” Russia has been the hardest hit, but Spain also seems to be under severe attack too, with telecoms giant Telefonica reportedly affected.
As shown on a map from another independent security researcher, MalwareTech, a large number of U.S. organizations have been hit. According to the researcher, at least 1,600 have been infected with WannaCry in America, compared to 11,200 in Russia and 6,500 in China.
— Jakub Kroustek (@JakubKroustek) May 12, 2017
Ransomware attacks reported in Europe t.co/XIDVuIECJC
— BBC News (World) (@BBCWorld) May 12, 2017
— Forbes (@Forbes) May 12, 2017
— The Telegraph (@Telegraph) May 12, 2017
— Motherboard (@motherboard) May 12, 2017
— Hybrid Analysis (@HybridAnalysis) May 12, 2017