Malware affecting NHS England now spreading across Europe, Asia

Adjust Comment Print

In a statement, the NHS said that its early investigations attributed the attack to a strain of malware known as the "Wanna Decryptor", a ransomware program that infects computers via a trojan virus and encrypts data stored on the local disk drive. "Our focus is on supporting organisations to manage the incident swiftly and decisively, but we will continue to communicate with NHS colleagues and will share more information as it becomes available", it said. In the initial reports, at least 25 NHS organisations and some GP practices were reported affected by the attack as hospitals could not access patients' data.

Spanish telecommunications giant Telefonica has reportedly instructed all employees to power down their systems in the wake of a massive ransomware attack. There have been 4,000 ransomware attacks every day since early 2016, according to the US government.

Writing in the British Medical Journal, he said: "We should be prepared: more hospitals will nearly certainly be shut down by ransomware this year". The screen shots showed demands for $300 worth of the online currency Bitcoin - to regain access to files.

This was also likely to embolden cyber extortionists when selecting targets, Chris Comacho, chief strategy officer with cyber intelligence firm Flashpoint, said. "It appears to be a giant campaign that has hit Spain and Russian Federation the hardest", said Travis Farral, director of security strategy for cyber security firm Anomali Labs.

United Lincolnshire Hospitals NHS Trust said it was cancelling all outpatient, endoscopy, cardiology and radiology weekend appointments because of the attack, which had affected Lincoln County Hospital, Pilgrim Hospital and Grantham Hospital.

The attack has also hit facilities in Scotland, where Health Secretary Shona Robison says officials are "taking immediate steps to minimize the impact of the attack across NHS Scotland and restrict any disruption".

The attacks involve malicious software blocking victims from accessing data and demanding a ransom in exchange for access being returned.

Similar ransomware attacks were reported in Italy and Ukraine. It said the attacks were carried out with a version of WannaCry ransomware that encrypted files and prompted a demand for money transfers to free up the system.

A number of recent exploits released onto the internet, including ones allegedly stolen from the U.S. National Security Agency and released by a mysterious group called Shadow Brokers, could have made short work of NHS systems, he said.

Several sources are reporting that the malware in question is ransomware.

It has had to cancel routine appointments and ambulances are being diverted to neighboring hospitals, Barts said.

It said the attacks had not affected the companies' services or data protection of their clients.

Several individual health service trusts in England reported severe problems.