Recent ransomware attack hit much harder than initial estimates; NHS facilities, two U.S. healthcare systems are among its victims.
WannaCry’s global impact; eClinicalWorks settles False Claims suit.
Effects of the WannaCry ransomware attack lingered long past the initial attack, with some organizations still dealing with the aftereffects weeks later. Some 1 million to 2 million computer systems were compromised by the global WannaCry ransomware attack in mid-May, with victims including the National Health Service of the United Kingdom and at least two hospital systems in the United States. The malware, which hit computer systems worldwide, is believed to have infected five to 10 times as many systems as experts estimated in the early days of the attack, an expert told members of Congress in June.
WannaCry first appeared in Europe and Asia on May 12 and spread globally. An employee of Kryptos Logic in the U.K. stopped the worm attack by registering a domain associated with it, testified Kryptos CEO Salim Neino at a joint hearing of the House Oversight and Research and Technology subcommittees.
More than a month after the attack, Kryptos Logic had mitigated more than 60 million WannaCry infection attempts worldwide, with about 7 million of those from the U.S. The vendor estimated that those infections could have impacted 10 million to 15 million unique systems had they not been stopped, Neino contended.
The largest attack occurred nearly three weeks after the malware appeared, “on June 8 and 9 on a well-funded hospital in the east coast of the United States,” Neino added. “Another hospital was also hit on May 30 in another part of the country.”
Neino did not identify either system in his remarks. His testimony matches information contained in a Department of Health and Human Services alert issued in early June notifying the healthcare industry that the agency was aware of two large multistate hospital systems that were “continuing to face significant challenges to operations because of the WannaCry malware.”
Although WannaCry disrupted hospitals, telecommunications and other organizations globally, the U.S. infection rate was lower than that experienced elsewhere in the world.