This image provided by the Twitter page of @fendifille shows a computer at Greater Preston CCG as Britain’s National Health Service is investigating “an issue with IT” Friday May 12, 2017. Several British hospitals say they are having major computer problems Hospitals in London, northwest England and other parts of the country are reporting problems with their computer systems as the result of an apparent cyberattack. (@fendifille via AP)

Dozens of countries hit by huge cyberextortion attack

Attack appeared to exploit a vulnerability identified by the U.S. National Security Agency

NEW YORK — Dozens of countries were hit with a huge cyberextortion attack Friday that locked up computers and held users’ files for ransom at a multitude of hospitals, companies and government agencies.

The attack appeared to exploit a vulnerability that was purportedly identified by the U.S. National Security Agency for its own intelligence-gathering purposes and was later leaked to the internet.

Britain’s national health service was hit hard, its hospitals forced to close wards and emergency rooms. Spain, Portugal and Russia were also struck. Several cybersecurity firms said they had identified the malicious software behind the attack in upward of 60 countries, with Russia apparently the hardest hit.

The Russian Interior Ministry confirmed it was among those that fell victim to the “ransomware” — software that locks up a computer and typically flashes a message demanding payment to release the user’s data.

Mikko Hypponen, chief research officer at Helsinki-based cybersecurity company F-Secure, called it “the biggest ransomware outbreak in history.”

Security experts said the attack appeared to be caused by a self-replicating piece of software that takes advantages of vulnerabilities in older versions of Microsoft Windows. It spreads from computer to computer as it finds exposed targets.

Its ransom demands start at $300 and increase after two hours to $400, $500 and then $600, said Kurt Baumgartner, a security researcher at Kaspersky Lab.

The security holes it exploits were disclosed several weeks ago by TheShadowBrokers, a mysterious group that has repeatedly published what it says are hacking tools used by the NSA as part of its intelligence-gathering.

Shortly after that disclosure, Microsoft announced that it had already issued software “patches” for those holes. But many companies and individuals haven’t installed the fixes yet or are using older versions of Windows that Microsoft no longer supports and didn’t fix.

Chris Wysopal of the software security firm Veracode said criminal organizations were probably behind the attack, given how quickly the malware spread.

“For so many organizations in the same day to be hit, this is unprecedented,” Wysopal said.

By one security firm’s count, the malware struck at least 74 countries, including the U.S., where its effects seemed muted. In addition to Russia, the biggest targets appeared to be Ukraine and India, nations where it is common to find older versions of Windows in use.

Experts said the malware enters companies and organizations when employees click on email attachments, then spreads quickly internally when employees share documents and other files.

Hospitals across Britain found themselves without access to their computers or phone systems. Many cancelled all routine procedures and asked patients not to come to the hospital unless it was an emergency. Doctors’ practices and pharmacies reported similar problems.

Patrick Ward, a 47-year-old sales director, said his heart operation, scheduled for Friday, was cancelled at St. Bartholomew’s Hospital in London.

Tom Griffiths, who was at the hospital for chemotherapy, said several cancer patients had to be sent home because their records or bloodwork couldn’t be accessed.

“Both staff and patients were frankly pretty appalled that somebody, whoever they are, for commercial gain or otherwise, would attack a health care organization,” he said. “It’s stressful enough for someone going through recovery or treatment for cancer.”

British Prime Minister Theresa May said there was no evidence patient data had been compromised and added that the attack had not specifically targeted the National Health Service.

“It’s an international attack and a number of countries and organizations have been affected,” she said.

Spain, meanwhile, took steps to protect critical infrastructure in response to the attack. The government said it was communicating with more than 100 energy, transportation, telecommunications and financial services providers about the attack.

Spain’s Telefonica, a global broadband and telecommunications company, was among the companies hit.

Ransomware attacks are on the rise around the world. In 2016, Hollywood Presbyterian Medical Center in California said it had paid a $17,000 ransom to regain control of its computers from hackers.

Krishna Chinthapalli, a doctor at Britain’s National Hospital for Neurology &Neurosurgery who wrote a paper on cybersecurity for the British Medical Journal, warned that British hospitals’ old operating systems and confidential patient information made them an ideal target for blackmailers.

He said many NHS hospitals in Britain use Windows XP software, introduced in 2001, and as government funding for the health service has been squeezed, “IT budgets are often one of the first ones to be reduced.”

“Looking at the trends, it was going to happen,” he said. “I did not expect an attack on this scale. That was a shock.

___

Lawless reported from London. Parra reported from Madrid.

Anick Jesdanun, Jill Lawless And Aritz Parra, The Associated Press

Just Posted

Construction underway at Medicine River Wildlife Centre in Red Deer

The new building is twice the size of the old one

Fish for free

No license is required to ice fish on Family Day weekend

Music industry struggles to shake ugly legacy of sex, drugs and rock ‘n’ roll

TORONTO — Allegations of sexual misconduct swirling around pop-rockers Hedley have put… Continue reading

WATCH: Red Deer rings in the Chinese New Year

A couple hundred fill Festival Holiday to ring in the Year of the Dog

WATCH: From humble beginnings Red Deer-based wrestling promotion is growing

It wasn’t that long ago that Dylon Featherstone and the Canadian Wrestling… Continue reading

WATCH Replay Red Deer Feb. 18: Your weekly news highlights

Watch news from Red Deer and Central Alberta

How to keep local news visible in your Facebook feed

Facebook has changed the news feed to emphasize personal connections. You might see less news.

Life or death main decision for school shooting suspect

FORT LAUDERDALE, Fla. — The evidence against the Florida school shooting suspect… Continue reading

Man who stole millions from Seabird Island band sentenced to 4.5 years jail

Stephen MacKinnon sentenced in Chilliwack court for stealing $2.3 million over eight years

Vancouver artist’s cartoon of Florida school shooting resonates

Cartoon shows football coach, one of the victims, meeting others killed in school shootings

B.C. man brings dog to court as ‘best witness’

Man is defending himself on charges of uttering threats, possessing weapon for dangerous purposes

WATCH: Polar dippers brave icy water to raise money for Sylvan Lake charities

The water may have been cold, but the amount of money raised… Continue reading

WATCH: Cat yoga — the purr-fect de-stresser, says Red Deer-area cafe owner

Felines and humans stretch together each month at Alley Cat Cafe

Most Read


Five-day delivery plus unlimited digital access for $185 for 260 issues (must live in delivery area to qualify) Unlimited Digital Access 99 cents for the first four weeks and then only $15 per month Five-day delivery plus unlimited digital access for $15 a month