Fast-moving cyberattacks wreak havoc worldwide (Update 3)

May 12, 2017 by Rob Lever, With Robin Millard In London
Britain's National Health Service reported a cyber attack on a number of hospitals on May 12, 2017

A fast-moving wave of cyberattacks swept the globe Friday, apparently exploiting a flaw exposed in documents leaked from the US National Security Agency.

The attacks—which experts said affected dozens of countries—used a technique known as ransomware that locks users' files unless they pay the attackers a designated sum in the virtual currency Bitcoin.

Affected by the onslaught were computer networks at hospitals in Britain, Russia's interior ministry, the Spanish telecom giant Telefonica and the US delivery firm FedEx and many other organizations.

Britain's National Cyber Security Centre and its National Crime Agency were looking into the UK incidents, which disrupted care at National Health Service facilities.

"This is not targeted at the NHS, it's an international attack and a number of countries and organizations have been affected," British Prime Minister Theresa May said.

Russia's interior ministry said that some of its computers had been hit by a "virus attack" and that efforts were underway to destroy it.

The US Department of Homeland Security's computer emergency response team said it was aware of ransomware infections "in several countries around the world."

Jakub Kroustek of the security firm Avast said in a blog post update around 2000 GMT, "We are now seeing more than 75,000 detections... in 99 countries."

Kaspersky researcher Costin Raiu cited 45,000 attacks in 74 countries, saying that the malware, a self-replicating "worm," was spreading quickly.

In a statement, Kaspersky Labs said it was "trying to determine whether it is possible to decrypt data locked in the attack—with the aim of developing a decryption tool as soon as possible."

'Unequivocally scary'

"It's unequivocally scary," said John Dickson of the Denim Group, a US security consultancy.

Dickson said the malware itself, which exploits a flaw in Windows, was not new but that adding the ransomware "payload" made it especially dangerous.

"I'm watching how far this propagates and when governments get involved," he said.

The malware's name is WCry, but analysts were also using variants such as WannaCry.

Forcepoint Security Labs said in a statement that the attack had "global scope" and was affecting networks in Australia, Belgium, France, Germany, Italy and Mexico.

In the United States, FedEx acknowledged it had been hit by malware and was "implementing remediation steps as quickly as possible."

Britain's National Health Service declared a "major incident" after the attack, which forced some hospitals to divert ambulances and scrap operations.

Message to users: 'Oops'

Pictures posted on social media showed screens of NHS computers with images demanding payment of $300 (275 euros) in Bitcoin, saying: "Ooops, your files have been encrypted!"

It demands payment in three days or the price is doubled, and if none is received in seven days, the files will be deleted, according to the screen message.

A hacking group called Shadow Brokers released the malware in April claiming to have discovered the flaw from the NSA, Kaspersky said.

Although Microsoft released a security patch for the flaw earlier this year, many systems have yet to be updated, researchers said.

"Unlike most other attacks, this malware is spreading primarily by direct infection from machine to machine on local networks, rather than purely by email," Lance Cottrell, chief scientist at the US technology group Ntrepid.

"The ransomware can spread without anyone opening an email or clicking on a link."

The sort of ransom demands have been growing precedent at medical facilities. In February 2016, a Los Angeles hospital, the Hollywood Presbyterian Medical Center, paid $17,000 in Bitcoin to hackers who took control of its computers for more than a week.

"Ransomware becomes particularly nasty when it infects institutions like hospitals, where it can put people's lives in danger," said Kroustek, the Avast analyst.

A spokesman for Barts Health NHS Trust in London said it was experiencing "major IT disruption" and delays at all four of its hospitals.

"We have activated our major incident plan to make sure we can maintain the safety and welfare of patients," the spokesman said. "Ambulances are being diverted to neighboring hospitals."

Two employees at St Bartholomew's Hospital, which is part of Barts Health, told AFP that all the computers in the hospital had been turned off.

Caroline Brennan, 41, went to the hospital to see her brother, who had open heart surgery.

"They told us there was a problem. They said the system was down and that they cannot transfer anyone till the computer system was back up," Brennan said.

Some said the attacks highlighted the need for agencies like the NSA to disclose security flaws so they can be patched.

"These attacks underscore the fact that vulnerabilities will be exploited not just by our security agencies, but by hackers and criminals around the world," said Patrick Toomey of the American Civil Liberties Union.

Explore further: Cyber strike on UK hospitals is 'international attack': PM

Related Stories

Alarm grows over global ransomware attacks

May 12, 2017

Security experts expressed alarm Friday over a fast-moving wave of cyberattacks around the world that appeared to exploit a flaw exposed in documents leaked from the US National Security Agency.

Recommended for you

A novel approach of improving battery performance

September 18, 2018

New technological developments by UNIST researchers promise to significantly boost the performance of lithium metal batteries in promising research for the next-generation of rechargeable batteries. The study also validates ...

25 comments

Adjust slider to filter visible comments by rank

Display comments: newest first

rderkis
2.6 / 5 (9) May 12, 2017
I don't know much about bitcoin but it sounds like bitcoin and any other way of sending money that is untraceable needs to be stopped or at least set up so transferred funds can be traced.
thisisminesothere
5 / 5 (2) May 13, 2017
I don't know much about bitcoin but it sounds like bitcoin and any other way of sending money that is untraceable needs to be stopped or at least set up so transferred funds can be traced.


Good luck with that. The system has been in place for years. Its a decentralized network that doesnt need to rely on one network. In fact, it was developed specifically for that purpose.

Everything can be used for good or bad. That does not mean we need to stop using or destroy everything. This comes down to security and proper patching. If these places would keep up to date then this type of thing wouldnt happen.

If you want to pass blame, blame the administration, techs, and the people holding the purse strings. Good security aint cheap.
rderkis
2.3 / 5 (3) May 13, 2017
This comes down to security.


You're exactly right it is the VICTIM'S fault they get robbed, raped or shot. He looked small, therefore weak, She was dressed provocatively in her full coveralls. He deserved to be shot for wearing his hair that way besides who cares he was a black man. It's certainly not the predators fault he likes little boys, the little boys should have been better guarded.
And YES this is pretty much exactly what you said.
idjyit
1 / 5 (2) May 13, 2017
If there were no bitcoin exchanges there would be no value for bitcoin.
It enables anonymous crime, and has no other benefit.
Blockchain mining is now the domain of large corporates with enough bandwidth and money to buy huge numbers of ASIC boxes, the blockchain protocol is buggy and unreliable.
In short the original bitcoin was implemented by criminals, and has gained ground in the financial world for reasons that are very suspicious.
eachus
5 / 5 (5) May 13, 2017
This comes down to security.

You're exactly right it is the VICTIM'S fault they get robbed, raped or shot.

No, if a mugger passes on me because I am tall, and hits you because you are short, that is not my fault--or yours. But if you leave the keys in your car and the engine running while you run into the store for a few things? Oh, and the baby in the back seat? The teenage joy rider who stole your car wasn't trying to commit kidnapping. There are different degrees of irresponsibility.

In this case anyone still running major servers on Windows XP, or a more recent version but not applying security patches? The crooks who wrote and spread WCry should be hung if caught. They knew that their software could cause deaths, and acted in reckless disregard. But whoever made the decision to keep running a life critical system on old, unmaintained software, without regular backups? They should at least be fired.
Gigel
not rated yet May 13, 2017
But whoever made the decision to keep running a life critical system on old, unmaintained software, without regular backups? They should at least be fired.

You know, some people keep old systems because they are functional and reliable (until proven otherwise). For them it doesn't make much sense to get a new OS if the old one works. Some of them may even have nasty experiences with new software not doing what the old one was doing. The matter is complex. For me, it is not good that OSs change all the time. I'd rather have a Win XP with updates and all than a new Win every 2 years. The same goes for Linux. I'm conservative and I stick with what works.
Gigel
not rated yet May 13, 2017
What if all important institutions and firms decide from tomorrow on to have OS upgrades each time a new OS comes out? Maybe not as soon as it comes out, maybe after 1 year (they allow a debugging time). What if they'll all find out they have to replace all their computers for that and then train all their stuff with the new OS version because it is different form the old one? What if there will be problems not because of cyberattacks but of people using the new OS in a wrong way, or because of bugs it has? The solution may not be so ready to be applied.

What some states, ministries and institutions did was to build their own OS (usually a Linux version) and then use that instead of changing the OS version all the time. I have no idea how they detect bugs in their own OS in order to patch it.
kochevnik
3 / 5 (2) May 13, 2017
I don't know much about bitcoin but it sounds like bitcoin and any other way of sending money that is untraceable needs to be stopped or at least set up so transferred funds can be traced.
The complete blockchain is on every user's hard drive. Only untraceable if you are dumber than a hammer
You're exactly right it is the VICTIM'S fault they get robbed, raped or shot. He looked small, therefore weak, She was dressed provocatively in her full coveralls. He deserved to be shot for wearing his hair that way besides who cares he was a black man. It's certainly not the predators fault he likes little boys, the little boys should have been better guarded.
And YES this is pretty much exactly what you said.
Oh not the victim bullshiyte again. Shall we print more money for you? And who is the perp? Oh white people because Jews are untouchable. And of course blacks only five times more likely to kill whites that the contrary, due solely to Elvis
kochevnik
1 / 5 (1) May 13, 2017
In short the original bitcoin was implemented by criminals, and has gained ground in the financial world for reasons that are very suspicious.
By criminals you mean people brighter than you? In other words, anybody? The comments here before were a toilet but now they are septic
rderkis
3 / 5 (2) May 13, 2017
The comments here before were a toilet but now they are septic


Then why read them or answer them are you telling us your ignorant?
Nik_2213
not rated yet May 13, 2017
Legacy code: We've a stand-alone mini-CCTV system that uses FAT16 SD cards. No PC running later than XP will read those due to Microsoft policy to abandon x16 compatibility.
However, we've an old 'All in One' printer with card slots, which *can* read that format...

Sure, we also have a local network of wireless PTZ IP-Cams, but they're so quirky, I'd rather herd cats !!
thisisminesothere
5 / 5 (1) May 13, 2017
This comes down to security.


You're exactly right it is the VICTIM'S fault they get robbed, raped or shot. He looked small, therefore weak, She was dressed provocatively in her full coveralls. He deserved to be shot for wearing his hair that way besides who cares he was a black man. It's certainly not the predators fault he likes little boys, the little boys should have been better guarded.
And YES this is pretty much exactly what you said.


How is the analogous at all? These companies were being reckless with their security. It wasnt a directed attack on the "weak" or "small" it was a wide spread attack on those who havent bothered to keep up to date with SECURITY patches.

Those patches are sent out by Microsoft for fun. Its one of the reasons that Microsoft has implemented automatic updating. 99% of the time a security patch does NOTHING to affect the workings of the computer from a user perspective. Theres no need to upgrade to a newer OS for years...
thisisminesothere
not rated yet May 13, 2017
This comes down to security.


You're exactly right it is the VICTIM'S fault they get robbed, raped or shot. He looked small, therefore weak, She was dressed provocatively in her full coveralls. He deserved to be shot for wearing his hair that way besides who cares he was a black man. It's certainly not the predators fault he likes little boys, the little boys should have been better guarded.
And YES this is pretty much exactly what you said.


...Sometimes decades. XP is VERY old. Upgrading to slightly newer and proven to be reliable OS is something that should happen every so often. Especially how fast technology develops. The software has to keep up to date with that.

I do not see how your analogy fits here. They knew something like this could happen, the admins of the servers should have been far more prepared for this possibility.

If I tell you I will attack you and you do nothing to mitigate it. You must carry SOME of that blame. Bad people exist.
rderkis
5 / 5 (1) May 13, 2017
How is the analogous at all?


This should not need to be explained to you, if you have a concept of right and wrong.
There are innocent people and there are bad guys.
Which one are you?
I am a good guy and will defend you and your family, even if it means taking a bullet for you.
And I say that as a person that has taken a bullet before. And had my hands severely burnt putting out coworkers cloths that were on fire while sitting under towers that were raging flames.
idjyit
5 / 5 (1) May 13, 2017
The complete blockchain is on every user's hard drive. Only untraceable if you are dumber than a hammer

You obviously no nothing about bitcoin, bitcoin history or VPN's for that matter.
ZergSurfer
5 / 5 (1) May 13, 2017
Mix your BC's, obfuscate the origin.
https://en.wikipe..._tumbler

I could go into how the UK NHS IT works, and it's need for centralised reform, but that would be a multi-page rant, suffice it to say the minister for health saw fit to to cancel a planned upgrade scheme on "cost grounds", so many systems are stuck on XP,IE6 and activex.They may not be facing the internet, but they are on the internal net, which is. Enough, I'm scaring myself lol.
(I don't even work for them, but I feel their admin's pain)
rderkis
5 / 5 (1) May 14, 2017
You obviously no nothing about bitcoin, bitcoin history or VPN's for that matter.


And you obviously don't realize your trying to be logical with a conspiracy theorist. :-)
kochevnik
not rated yet May 14, 2017
@SomeGkamPhysorgTrollCloneReplyingHimself You obviously no nothing about bitcoin, bitcoin history or VPN's for that matter.
You obviously are too stupid to open your /blocks/ directory, but prefer documenting your subhuman IQ here
And you obviously don't realize your trying to be logical with a conspiracy theorist. :-)
Conspiracy theory? Is that how your describe your job cleaning toilets at the masonic lodge?
rderkis
not rated yet May 14, 2017
Conspiracy theory? Is that how your describe your job cleaning toilets at the masonic lodge?


OK,OK I forgot to label you a troll to. Sorry oversight on my part. :-)

So you hate and look down on anybody that would do a honest days work, also.
idjyit
not rated yet May 14, 2017
@kochevnik

Go on then, make yourself famous and track down all the bitcoin transactions, you'll get a Job at the NSA as well.
Or go do some homework and learn some reality, Google is you friend Buddy :-)
rderkis
3 / 5 (2) May 15, 2017
Or go do some homework and learn some reality, Google is you friend Buddy :-)


How about we start by making it a felony for anyone to use any system where money is transferred without a record. I am talking about both end users and institutions., buying or selling

Next we get rid of the bitcoin machines that are starting to pop up.
Please don't get me wrong I don't like this but there are to many predators taking advantage of hospitals, law enforcement and the elderly.
idjyit
1 / 5 (1) May 15, 2017
I'd be more inclined to outlaw Bitcoin and it's derivatives completely. (Which means outlawing exchanges)
Identity theft being what it is, there is now way to enforce transaction tracking.
People speculating on bitcoin has driven the exchange rate through the roof, and transparent legitimate digital currencies are a much better option.
There is only one reason for cryptocurrency and that's hiding income.
rderkis
1 / 5 (1) May 15, 2017
Identity theft being what it is, there is now way to enforce transaction tracking.

If we could track it, such measures would be unnecessary. :-)
It's the threat of severe punishment, that will stop people like you and I from using bitcoin.
kochevnik
1 / 5 (1) May 15, 2017
I'd be more inclined to outlaw Bitcoin and it's derivatives completely. (Which means outlawing exchanges)
Identity theft being what it is, there is now way to enforce transaction tracking.
People speculating on bitcoin has driven the exchange rate through the roof, and transparent legitimate digital currencies are a much better option.
There is only one reason for cryptocurrency and that's hiding income.
So please post your credit card and ID documents. Otherwise you are hiding income and the state should seize your property and throw you on the street, you Bolshevik filth
rderkis
1 / 5 (1) May 15, 2017
Otherwise you are hiding income and the state should seize your property and throw you on the street, you Bolshevik filth


Please don't try to win arguments by using libelous labels. All that does is show your ignorance. Besides you might hurt my feelings! :-) But I obviously hurt your feelings. :-)

You are not to smart if you think the government does not already know my credit card numbers and bank accounts. But you already showed us your IQ with your use of dumb labels.

Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.