Cyber cops on the hunt for hackers
‘Unprecedented’ ransomware attack has global reach
USA TODAY
Britain’s National Cyber Centre says it is “working round the clock” to counter a fast-moving, global ransomware attack that crippled the National Health Service and hit as many as 74 countries.
The cyberattack, which apparently exploited a flaw exposed in documents leaked from the U.S. National Security Agency, also struck systems — from transport facilities to universities — in Ukraine, Spain, Italy and India. Even Russia’s interior ministry said it was hit.
“We have never seen such a fast spreading, well-coordinated attack with as many victims,” said Csaba Krasznay, director of the Cyber Security Academy at Hungary’s National University of Public Service.
The European Cybercrime Centre, set up four years ago by Europol, the European Union’s police agency, said the attack was at an “unprecedented level” and will require a “complex international investigation” to identify the culprits.
The attack hit almost 20 percent of the United Kingdom’s 248 public health trusts. By Saturday all but six were back to normal, the Associated Press reported.
British Home Secretary Amber Rudd told the BBC that 45 NHS organizations in England and Scotland were disrupted, but there was no evidence patient data was compromised.
East and North Hertfordshire NHS Trust, which runs four hospitals north of London, postponed all non-urgent work and asked people not to come to the accident and emergency unit.
Some doctors were forced to use pen and paper to record patient details following the attack.
At its core, the attack is an extortion scheme aimed at forcing organizations to pay a ransom to avoid having their data deleted. Infected computers showed a screen giving the user three days to pay up. After that, the price would be doubled. After seven days the files would be deleted, it threatened.
The hackers behind the ransomware attack, who have not been identified, demanded $300 worth of the online currency Bitcoin per computer to release files from encryption. In Spain, the largest telecommunications company would need to pay close to $550,000 to unlock all the encrypted computers hit on its network.
The attack seems to have first appeared around 2 a.m. ET Friday in Europe, said Kurt Baumgartner, a principal security researcher with Kaspersky Lab in Moscow.