London: Britain’s National Cyber Security Centre said Saturday teams are working “round the clock” to restore hospital computer systems after a global cyberattack that hit dozens of countries forced British hospitals to cancel and delay treatment for patients. In Russia, where a wide array of systems came under attack, officials said services had been restored or the virus contained.
The extortion attack, which locked up computers and held users’ files for ransom, was believed the biggest of its kind ever recorded, disrupting services from the US to Russia, Spain and India. It appeared to exploit a vulnerability purportedly identified for use by the US National Security Agency and later leaked to the internet.
Two security firms — Kaspersky Lab and Avast — said they had identified the malicious software behind the attack in upward of 70 countries, although both said the attack has hit Russia hardest.
The Russian Interior Ministry, which runs the country’s police, confirmed it was among those that fell victim to the “ransomware”, which typically flashes a message demanding payment to release the user’s data. Spokeswoman Irina Volk was quoted by the Interfax news agency Saturday as saying the problem had been “localised” and that no information was compromised.
A spokesman for the Russian Health Ministry, Nikita Odintsov, said on Twitter that the cyberattacks on his ministry were “effectively repelled”. The national railway system said that although it was attacked, rail network operations were unaffected.
British Home Secretary Amber Rudd said Saturday that 45 public health organisations were hit, but she stressed that no patient data had been stolen. The attack froze computers at hospitals across the country, with some cancelling all routine procedures. Patients were asked not to come to hospitals unless it was an emergency. British media had reported last year that most public health organisations were using an outdated version of Microsoft Windows that was not equipped with security updates.
