UK: 'Worst over' in cyber-attack

Wednesday, 17 May, 2017

The cyberattack that took computer files hostage around the world appeared to slow on Monday as authorities worked to catch the extortionists behind it - a hard task that involves searching for digital clues and following the money.

As of Friday, HITRUST said it had not received any reports of an attack on a USA hospital.

"We've seen the rise of ransomware becoming the principal threat, I think, but this is something we haven't seen before-the global reach is unprecedented", Europol Executive Director Rob Wainwright said on ITV's "Peston on Sunday" broadcast.

The malware - called WannaCry - uses a type of action known as EternalBlue, believed to have been developed by the American National Security Agency. The cyberattackers demanded payments of $300 or more from users to unlock their devices. Russian Federation and Ukraine had a heavy concentration of infections, according to Dutch security company Avast Software BV.

"[Governments] need to take a different approach and adhere in cyberspace to the same rules applied to weapons in the physical world", Smith added.

"Windows XP is "not a good platform" for ensuring critical data is secure", said Amber Rudd, home secretary for the United Kingdom, according to BBC News. Because the bitcoin address for the ransom was the same between affected NHS and Telefónica computers, some technical experts have wondered if one may have inadvertently infected the other, especially as Telefónica supply some networking services to the NHS.

The British government said 48 of 248 health service trusts - the bodies that run the hospitals - in England had been impacted by Friday's attack. The bank said it was nonetheless "on high alert".

In response to the threat, Microsoft has also released an emergency patch for legacy Windows operating systems which, as out of cycle products, are no longer supported - unless special support contracts are in place. "Because they could have done something ages ago to get this problem fixed, and they didn't do it". The attackers demanded money to unblock their computers.

"We should expect similar attacks regularly in the coming days and weeks", Giullaume Poupard, head of French government cyber security agency ANSSI, said.

Russian President Vladimir Putin, noting the technology's link to the USA spy service, said it should be "discussed immediately on a serious political level".

But as Asia woke up to the working week on Monday, leading Chinese security-software provider Qihoo 360 said "hundreds of thousands" of computers in the country were hit at almost 30,000 institutions including government agencies.

It was all hands on deck as cyber security experts in the National Health Service teamed up with the National Cyber Security Centre to patch outdated computer systems last week. FedEx said it was "experiencing interference", the Associated Press reported.

In Japan, a spokesman for Hitachi said the conglomerate discovered problems on Monday morning and its computer networks were "unstable". Newspaper reports showed images of a ransomware message on display screens blocking train information.

Some computers at the city's main hospital were infected - but no data was lost, they confirmed. In Indonesia, the malware locked patient files on computers in two hospitals in the capital, Jakarta, causing delays.

Victims have been advised by security experts not to pay up.

As early as March, Microsoft had issued a "critical" free software update that would fix the vulnerability.

The world's biggest ransomware attack levelled off on Monday after wreaking havoc in 150 countries, but Russian President Vladimir Putin called it payback for the USA intelligence services.

The damage was contained by a 22-year-old security researcher who goes by the name @MalwareTechBlog on Twitter.

Around a fifth of NHS trusts were hit in the attack, forcing them to postpone operations and procedures over the weekend.