A new email-based ransomware virus has locked up hundreds of thousands of computers in more than 150 countries hitting factories, hospitals, shops and schools worldwide over the weekend.
The UK’s National Health Service (NHS) was the highest profile victim of the “WannaCrypt” attack, hitting hospitals around the country causing operations, x-rays and appointmentts to be cancelled.
In all NHS trusts were hit, leading to criticism of the UK governemnt for failing to patch outdated software, making the health service more vulnerable to these kind of attacks.
Among the organisations targeted worldwide have been Germany’s rail network Deutsche Bahn, Spanish telecommunications operator Telefonica, US logistics giant FedEx and Russia’s interior ministry.
The director of Europol raised fears that the cyber attack that has hit NHS services and global businesses “will continue to grow” as people return to work after the weekend.
The head of Britain’s National Cyber Security Centre echoed the warning, raising concerns that many existing infections may yet to have been detected, and others could spread within networks.
He said the crisis could develop “at a significant scale” in coming days.
What is the ransomware?
The WannaCry ransomware started taking over users’ files on Friday, demanding $300 (£230) to restore access.
Hundreds of thousands of computers have been affected so far. Computer giant Microsoft said the attack should serve as a wake-up call.
However, the ransomware warning said that the cost would double after three days, so the payments may increase.
It threatens to delete files within seven days if no payment is made.
Many firms employed experts over the weekend to try to prevent new infections.
Microsoft’s boss says governments need to “adhere in cyberspace to the same rules applied to weapons in the physical world”.
The cyberattack has affected 150 countries and locked 200,000 computers.
Microsoft hits out at governments
Microsoft has hit out at governments for “stockpiling vulnerabilities”, blaming them for the “widespread damage” caused by the latest cyberattack.
The software giant compared the severity of the attack with “the US military having some of its Tomahawk missiles stolen”.
The malicious software – known as WannaCrypt or WannaCry – is widely believed to have been developed as a hacking tool by the US National Security Agency.
The cyberattack, which began in London on Friday morning, has so far affected 150 countries and locked 200,000 computers.
So far only £25,000 been paid to the attackers in the requested anonymous bitcoin currency.
However, it is believed the amount will increase as victims rush to pay ransoms of £230 ($300) or more ahead of deadlines to restore access.
The full cost of the attack and associated computer outages is not yet known, but is currently being estimated in the range of hundreds of millions of dollars.
In a blog post, released by Microsoft on Sunday, they called the attack a “wake-up call” and identified “nation-state action and organised criminal action” as “the two most serious forms of cybersecurity threats in the world today”
The company said it had released a security update back in March to protect Windows system computers against such attacks, but said many computers “remained unpatched globally”.
Brad Smith, Microsoft’s president and chief legal officer, wrote: “This attack provides yet another example of why the stockpiling of vulnerabilities by governments is such a problem.
“This is an emerging pattern in 2017. We have seen vulnerabilities stored by the CIA show up on WikiLeaks, and now this vulnerability stolen from the NSA has affected customers around the world.
“Repeatedly, exploits in the hands of governments have leaked into the public domain and caused widespread damage.
“An equivalent scenario with conventional weapons would be the US military having some of its Tomahawk missiles stolen.