Cyberattacks in 12 nations said to use leaked NSA hacking tool

An ambulance stands outside an NHS hospital in London, Britain, May 12, 2017. PHOTO: EPA
Updated
May 13, 2017, 01:45 PM
Published
May 13, 2017, 04:22 AM

LONDON (NYTIMES) - An extensive cyberattack struck computers across a wide swath of Europe and Asia on Friday (May 12), and strained the public health system in Britain, where doctors were blocked from patient files and emergency rooms were forced to divert patients.

The attack involved ransomware, a kind of malware that encrypts data and locks out the user. According to security experts, it exploited a vulnerability that was discovered and developed by the National Security Agency.

The hacking tool was leaked by a group calling itself the Shadow Brokers, which has been dumping stolen NSA hacking tools online beginning last year. Microsoft rolled out a patch for the vulnerability last March, but hackers took advantage of the fact that vulnerable targets - particularly hospitals - had yet to update their systems.

The malware was circulated by e-mail; targets were sent an encrypted, compressed file that, once loaded, allowed the ransomware to infiltrate its targets.

Reuters reported that employees of Britain's National Health Service were warned about the ransomware threat earlier Friday.

By then, it was already too late. As the disruptions rippled through hospitals, doctors' offices and ambulance companies across Britain on Friday, the health service declared the attack as a "major incident," a warning that local health services could be overwhelmed by patients.

More On This Topic
What is the 'ransomware' WannaCry worm?

Among the many other institutions that were affected were hospitals and telecommunications companies across Europe, Russia, Asia and beyond, according to MalwareHunterTeam, a security firm that tracks ransomware attacks. Spain's Telefonica and Russia's MegaFon were among the targets.

Attacks were being reported in Britain and 11 other countries, including Turkey, Vietnam, the Philippines, Japan, with the majority of affected computers in Russia. The computers all appeared to be hit with the same ransomware, and similar ransom messages demanding about US$300 (S$400) to unlock their data.

The attack on the National Health Service seemed perhaps the most audacious of the attacks, because it had life-or-death implications for hospitals and ambulance services.

Tom Donnelly, a spokesman for NHS Digital, the arm of the health service that handles cybersecurity, said in a phone interview that 16 organisations, including "hospitals and other kinds of clinician services," had been hit by a cyberattack.

Officials later updated that number to at least 25.

"It is still ongoing," he said. "We were made aware of it this afternoon."

Related Stories
US, Britain blame Russia for 'NotPetya' ransomware attack
Most Maersk operations running after global cyberattack
Mystery of motive for a ransomware attack: Money, mayhem or a message?
A ransom message popping up on a monitor of a payment terminal at a branch of Ukraine's state-owned bank Oschadbank after institutions were hit by a wave of cyber attacks yesterday. The new virus, which is spreading to many countries, has a fake Micr
New cyber attack spreads across Europe
Nato chief says cyber attacks could potentially trigger mutual defence commitment
Comparing NotPetya and WannaCry and tips on how to stay safe from ransomware
Singapore critical sectors, government not affected by NotPetya ransomware
Cyberattack reaches Asia and Australia as new targets hit by ransomware demand
China issues warning for new ransomware virus
Another large-scale cyber attack underway: Experts
Greater global cooperation required to fight cyber crime: China Daily
Hackers mint crypto-currency with technique similar to WannaCry 'ransomware' attack

Join ST's Telegram channel and get the latest breaking news delivered to you.

Available for
iPhones and iPads
Available in
Google Play

MCI (P) 066/10/2023. Published by SPH Media Limited, Co. Regn. No. 202120748H. Copyright © 2024 SPH Media Limited. All rights reserved.

Back to the top