Operations cancelled after cyberattack — NHS hospitals hacked

Saturday, 13 May, 2017

"The special criticality of this campaign is caused by exploiting the vulnerability described in bulletin MS17-010 using EternalBlue / DoublePulsar, which can infect other connected Windows systems on the same network that are not properly updated". Cyber security experts had been cautioning the governments around the world to beware and ready for such hacks.

Sky News producer Wil Longbottom, who was receiving treatment at Lister Hospital in Stevenage, Hertfordshire, as the cyberattack was under way, said: "It's pretty chaotic - when I arrived I was told there was a "situation" involving major trauma with some patients being sent to other hospitals". Although Microsoft had released a patch for the vulnerability, many hospitals had not updated their systems. There were no immediate reports of victims in the US.

In Spain, some big firms took pre-emptive steps to thwart ransomware attacks following a warning from Spain's National Cryptology Centre of "a massive ransomware attack". The National Cyber Security Centre said it had detected 188 "high-level" attacks in just three months.

Its ransom demands start at $300 and increase after two hours to $400, $500 and then $600, said Kurt Baumgartner, a security researcher at Kaspersky Lab. The malware was included in the online dump by the hackers called Shadow Brokers, which they said were NSA tools. But many companies and individuals haven't installed the fixes yet, or are using older versions of Windows that Microsoft no longer supports and didn't fix. The security team has confirmed attacks in Russia, Ukraine and India.

A British medical student found widespread computer issues when visiting two London hospitals.

Outside the Royal London Hospital, wheelchair-bound patient Richard Harvey spoke of his disappointment as he wheeled himself home after waiting all day for a procedure that was eventually postponed.

Bart's Health, which runs several London hospitals, said it had activated its major incident plan, cancelling routine appointments and diverting ambulances to neighboring hospitals. When he tried to access patient files on a computer, he couldn't find them - even though he knew they were there. Cybersecurity firm Kapersky Labs has said that the majority of the attacks were directed toward Russian Federation, and that available figures may not fully represent the scale of the impact. "It's stressful enough for someone going through recovery or treatment for cancer".

According to The Guardian, British Prime Minister Theresa May said the attack on NHS was part of a larger attack that struck 11 other countries, including Spain, Germany, Russia and Japan. "This is not targeted at the NHS, it's an worldwide attack and a number of countries and organisations have been affected", May said.

Telecoms giant Telefonica said in a statement that it was aware of a "cybersecurity incident" but that clients and services had not been affected. Some universities in Italy are also reported to be crippled by the ransomware attack, which is now unfolding in Czech Republic, Russia, Japan, Taiwan, Ukraine and many other countries.

Sometimes, it works: Last year, Hollywood Presbyterian Medical Center forked over $17,000 to hackers who used ransomware.

Staff have reportedly been forced to revert to using pen and paper and landlines have been knocked out.

Friday evening, security firm Avast was reporting more than 75,000 WanaCrypt0r 2.0 (aka WCry) ransomware attacks in 99 countries.