 |
| Cyber Attack in coding |
A huge extortion cyberattack hit dozens
of nations Friday, holding computer data for ransom at hospitals,
telecommunications firms and other companies. The attack appeared to exploit a
vulnerability purportedly identified for use by the U.S. National Security
Agency and later leaked to the internet.
The attack hit Britain's health service,
forcing affected hospitals to close wards and emergency rooms. Related attacks
were reported in Spain, Portugal and Russia. Two security firms — Kaspersky Lab
and Avast — said they had identified the malware behind the attack in upward of
70 countries, although both said the attack has hit Russia hardest.
The Russian Interior Ministry has
confirmed it was hit by the "ransomware" attack, which encrypts data
on infected computers and demands payment, usually via the digital currency
bitcoin, to release it. Britain's health service was also hit hard Friday as
the attack froze computers at hospitals across the country, shutting down
wards, closing emergency rooms and bringing medical treatments to a screeching
halt.
Hospitals in areas across Britain found
themselves without access to their computers or phone systems. Many cancelled
all routine procedures and asked patients not to come to the hospitals unless
it was an emergency. Some chemotherapy patients were even sent home because
their records could not be accessed.
Most of the affected hospitals were in
England, but several facilities in Scotland also reported being hit. Doctors'
practices and pharmacies reported similar problems.
As similar widespread ransomware attacks
were reported in Spain, Romania and elsewhere, experts warned that online
extortion attempts by hackers are a growing menace. Hospitals, with their often
outdated IT systems and trove of confidential patient data, are a particularly
tempting target.
British Prime Minister Theresa May said
there was no evidence that patient data had been compromised in the attack, and
that it had not specifically targeted the National Health Service.
"It's an international attack and a
number of countries and organizations have been affected," she said.
NHS Digital, which oversees U.K. hospital
cybersecurity, says the attack used the Wanna Decryption variant of malware,
which infects and locks computers while the attackers demand a ransom.
Pictures posted on social media showed
screens of NHS computers with images demanding payment of $300 worth of the
online currency Bitcoin, saying: "Ooops, your files have been
encrypted!"
Alan Woodward, visiting professor of
computing at the University of Surrey, said there was evidence the ransomware
was spreading using a Microsoft flaw exposed in a recent leak of information
from U.S. intelligence agencies.
He said the affected computers likely had
not applied the Microsoft patch or were running old operating systems for which
no patch was available.
"I don't believe it will have been a
targeted attack, but will simply have been that the ransomware has sought out
those organizations that are running susceptible devices," he said.
Tom Griffiths, who was at Bart's Hospital
in London for chemotherapy treatment, said a nurse showed him her computer
screen, which carried an image of a padlock.
"It had a countdown clock ticking
down, stating that all data would be deleted unless a payment was received within
that timeframe," he said.
NHS Digital said the attack "was not
specifically targeted at the NHS and is affecting organizations from across a
range of sectors." It initially said 16 NHS organizations had reported
being hit, and more reports came in as the day went on.
Spain, meanwhile, activated a special
protocol to protect critical infrastructure in response to the "massive
infection" of personal and corporate computers in ransomware attacks. The
National Center for the Protection of Critical Infrastructure says Friday it
was communicating with more than 100 providers of energy, transportation,
telecommunications and financial services about the attack.
The Spanish government said several
companies had been targeted in ransomware cyberattack that affected the Windows
operating system of employees' computers. It said the attacks were carried out
with a version of WannaCry ransomware that encrypted files and prompted a
demand for money transfers to free up the system.
Spain's Telefonica was among the companies
hit.
Bart's Health, which runs several London
hospitals, said it had activated its major incident plan, cancelling routine
appointments and diverting ambulances to neighboring hospitals.
Patrick Ward, a 47-year-old sales
director, said his heart operation, which was scheduled for Friday, was
cancelled at St. Bartholomew's Hospital in London.
Griffiths, who was receiving chemotherapy
at Bart's, said several cancer patients had to be sent home from Bart's because
their records or bloodwork couldn't be accessed.
"Both staff and patients were
frankly pretty appalled that somebody, whoever they are, for commercial gain or
otherwise, would attack a health care organization," he said. "It's
stressful enough for someone going through recovery or treatment for
cancer."
The National Cyber Security Centre, part
of the GCHQ electronic intelligence agency, said it was working with police and
the health system to investigate the attack.
British government officials and
intelligence chiefs have repeatedly highlighted the threat to critical
infrastructure and the economy from cyberattacks. The National Cyber Security
Centre said it had detected 188 "high-level" attacks in just three
months.
Britain's National Health Service is a
source of pride for many Britons but faces substantial budget issues and has
had previous problems with its huge IT system.
Ransomware attacks are on the rise around
the world. In February 2016, the Hollywood Presbyterian Medical Center in
California said it had paid a $17,000 ransom to regain control of its computers
from hackers.
Krishna Chinthapalli, a doctor at
Britain's National Hospital for Neurology & Neurosurgery who wrote a paper
on cybersecurity for the British Medical Journal, warned that British
hospitals' old operating systems and store of confidential patient information
made them an ideal target for blackmailers.
He said many NHS hospitals in Britain use
Windows XP software, introduced in 2001, and as government funding for the
health service has been squeezed "IT budgets are often one of the first
ones to be reduced."
"Looking at the trends, it was going
to happen," he said. "I did not expect an attack on this scale. That
was a shock.
No comments:
Post a Comment