More than 45 000 attacks of the #WannaCry ransomware hit 74 countries around the world, and numbers are still growing fast, say tech experts. The ransomware demands either payment in bitcoin or threatens to delete files in case of non-payment.
According to the US Department of Homeland Security, it has shared information with domestic and international partners about the attack.
Jakub Kroustek, from the Czech cyber security software company Avast, says he has already logged 57 000 detections of the malware. “According to our data, the ransomware is mainly being targeted to Russia, Ukraine and Taiwan, but the ransomware has successfully infected major institutions, like hospitals across England and Spanish telecommunications company, Telefonica,” he wrote on his blog.
Ransomware is a malicious software that locks up computers by encrypting its files and data, forcing users to either pay a ransom fee or lose their data. The malware that spread on Friday was identified as “Wanna Cry” or “Wanna Decryptor.”
According to The Telegraph, it has even hit international shipper FedEx. Mikko Hypponen, chief research officer at the Helsinki-based cybersecurity company F-Secure, has desribed it as “the biggest ransomware outbreak in history.”
Hospitals have been especially vulnerable as reports worldwide of ransomware attacks have been increasing. In 2016, the Hollywood Presbyterian Medical Center in California was forced to pay thousand of dollars in ransom to regain access to its IT systems.
Several hospitals in Germany were attacked by ransomware last year, but fortunately most of them reportedly had their file systems backed up.
Britain’s National Health Service (NHS), has been hit the hardest. It runs a huge IT system, but the budget-strapped and in many instances outdated system has proven an ideal target for hackers. Payment has now been demanded from the hackers within three days or the price would be doubled, they say.
After seven days it threatens to delete all files. The system is currently ecxperiencing major delays, with a number of hospitals and surgeries turning away patients. Patients are being advised to seek medical care only in emergencies.
Ambulances have had to divert to neighboring hospitals, while the Health Service Journal reported that X-ray imaging systems, pathology test results and patient administration systems were all affected.
NHS Digital, the health service’s IT division, has not yet determined whether patient records had been accessed or compromised.
On social media NHS staff posted pictures their computer screens displaying the threat: “Oops, your files have been encrypted!” as well as the accompanying image demanding a payment of 275 euros in the virtual currency bitcoin to recover the files.
Scottish Health Secretary Shona Robison said officials were convening an emergency meeting to find solutions. The British prime minister confirmed the attack and sai it was not directed at the NHS only, but international.
Both Britain’s National Cyber Security Center and Spain’s National Center for the Protection of Critical Infrastructure said they were working with companies hit by or potentially targeted by the attack.
The Spanish telecommunications giant Telefonica, which owns the German mobile network providers O2 and E-Plus, was also targeted by the attack. A spokesperson for the company said that attack had only been directed at its internal network and had not affected customers.
Spain’s Ministry of Energy, Tourism and Digital Agenda has confirmed the attack.
Russian Interior Ministry spokeswoman Irina Volk said less than 1 percent of its computers were affected, and that the virus was only “localized” she said.
Cybersecurity company Kaspersky Lab tweeted a map of countries targeted by the attack, with Russia, Ukraine and India among the hardest hit.
#WannaCry #ransomware used in widespread attacks all over the world via @Securelist https://t.co/zh012F9lCC pic.twitter.com/UzJVqUwbT6
— Kaspersky Lab (@kaspersky) May 12, 2017