A massive “ransomware” cyber attack on Friday targeted a number of organisations across Europe, including Britain’s state-run health service and Spain’s biggest telecommunications firm.
There were also reports of infections from Italy, Portugal, Russia and Ukraine. Computer systems were infected by cyber criminals with malicious software called ransomware, which locks up computers and demands a ransom to restore access.
Screenshots of a well-known programme that locks computers and demands a payment in Bitcoin were shared online by parties claiming to be affected, BBC reported. It was not yet clear if the attacks were all connected.
“This is a major cyber attack, impacting organisations across Europe at a scale I’ve never seen before,” said security architect Kevin Beaumont. A cyber-security researcher tweeted he had detected 36,000 instances of the ransomware, called WannaCry and variants of that name.
Cyber attack targets 16 health organisations in UK
In Britain, hospitals and doctors’ surgeries were forced to turn away patients and cancel appointments after the nationwide cyber attack crippled some computer systems of the state-run National Health Service (NHS).
The NHS said 16 organisations were affected but the service itself was not specifically targeted. No patient data was believed to have been accessed during the cyber attack but it was unclear whether the incident had impacted emergency cases.
“The investigation is at an early stage but we believe the malware variant is Wanna Decryptor,” NHS Digital, the computer arm of the health service, said. “This attack was not specifically targeted at the NHS and is affecting organisations from across a range of sectors.”
The National Cyber Security Centre, part of the GCHQ spy agency, said it was aware of a cyber incident and was working with NHS Digital and police to investigate.
Hospitals across England reported the attack was causing huge problems to their services and the public in areas affected were being advised to only seek medical care for emergencies.
A reporter from the Health Service Journal said the attack affected X-ray imaging systems, pathology test results, phone systems and patient administration systems.
Spain’s largest telecommunications firm hit by ransomware
Spain’s government said a large number of companies, including telecommunications giant Telefonica, had been attacked by cyber criminals who infected computers with ransomware. Other Spanish firms such as power company Iberdrola and utility Gas Natural took preventive measures.
“There has been an alert relating to a massive ransomware attack on various organisations, which is affecting their Windows systems,” Spain’s National Cryptology Centre said.
The ransomware in Spain was a version of the WannaCry virus, which encrypts sensitive user data, the National Cryptology Centre said.
It was not immediately clear how many Spanish organisations had been compromised, if any critical services were interrupted or whether victims had paid cyber criminals to regain access to computers.
Iberdrola and Gas Natural, along with Vodafone’s unit in Spain, asked staff to turn off computers or cut off internet access in case they had been compromised.
University computers in Italy locked by ransomware
In Italy, one user shared images appearing to show a university computer lab with machines locked by the same ransomware, BBC reported.
Bitcoin wallets seemingly associated with the ransomware were reported to have started filling up with cash.
Spain is the latest nation to warn of a global surge in ransomware. Hacks have disrupted services provided by hospitals, police departments, public transportation systems and utilities in the United States and Europe.