USERS’ INFORMATION HOSTAGE
A massive cyberattack has spread across the world, locking up computers in the Russian government and hospitals in England with no clear end in sight in what is being called the biggest hack of its kind ever recorded.
The ransomware is targeting Microsoft operating systems and costs users $300 to free up their frozen computers. The bug has also popped up in Asia, Africa and Latin America.
“This is a very large, fastspreading worm, and the user, you don’t have to do anything to be infected,” said Michael Sulmeyer, director of the Cyber Security Project at Harvard’s Belfer Center for Science and International Affairs.
More than 75,000 systems in at least 99 countries were infected yesterday with the “WannaCry” ransomware, according to cybersecurity firm Avast.
Ransomware is a type of computer attack that takes over computers and servers, making the data inaccessible unless the owner sends the digital currency Bitcoin to the hackers.
“Ooops, your files have been encrypted!” the message said.
The virus uses a vulnerability in a Microsoft filesharing protocol used in Windows XP and more recent versions of Windows. Microsoft released a critical security update earlier this year to fix the vulnerability in some versions, but did not for XP, an operating system it no longer supports. That means any computer running Windows XP is — and will remain — vulnerable to this ransomware attack.
The U.S. Computer Emergency Readiness Team, part of the Department of Homeland Security, said yesterday it had received reports of ransomware “in several countries,” but did not say if there have been any reports in the U.S.
FedEx reported that its Windows computers were “experiencing interference” from malware, but wouldn’t say if it had been hit by ransomware.
There is no reason why the virus, which can spread on its own and doesn’t rely on a user clicking a bad link or opening an infected attachment, won’t keep spreading. It starts by someone opening an infected email attachment releasing the virus, experts warn.
“There’s no national boundary,” Sulmeyer said. “I wouldn’t be surprised it it’s already propagating somewhere against some U.S. entity.”
The attacks yesterday were concentrated in Europe, with Russia the hardest hit, experts said. Spain, Portugal and the U.K. also reported significant attacks. One of the first reported targets was the U.K.’s National Health Service. More than a dozen hospitals and health care institutions were unable to access patient files and medical records.
British Prime Minister Theresa May said it did not appear patient data had been taken, and said the NHS had not been specifically targeted.
Even if the NHS wasn’t targeted, it took the brunt of the attack. Hospitals closed emergency rooms, and rerouted patients to unaffected facilities.
Losing electronic medical records and systems can bring hospitals to their knees, said John Halamka, chief information officer at Beth Israel Deaconess Medical Center. He said BIDMC completely lost its computer systems in 2002 thanks to a network error.
“Doctors couldn’t enter orders, they had to hand-write them, X-rays could no longer be exchanged digitally,” Halamka said.
The hospital was so in the weeds, he said, that then-CEO Paul Levy threw on his sneakers and was running lab results back and forth.
“If access to an individual patient’s medical record is locked, that obviously is a problem, because you don’t have quick access to a patient’s medical history, allergies they may have,” said Paul Biddinger, chief of Massachusetts General Hospital’s division of emergency preparedness. “Just the loss of the system in and of itself means that the systems are instantly under a tremendous amount of strain.”