Britain’s health services were attacked Friday by a massive international cyber attack that encrypted information and froze computers at hospitals across the country.
The attack shut down hospital wards, closed emergency rooms and patients scheduled for medical treatment were even sent home as the staff could not access their records.
The targeted hospitals were unable to access their computers or phone systems, and many had to cancel routine procedures and ask patients not to come to the medical centers unless it was an emergency.
Cyber attack hits U.K. and Scotland hospitals
The majority of the affected hospitals were in England, although similar attacks were reported in facilities in Scotland, as well as some pharmacies and doctors’ practices.
In Scotland, NHS Lanarkshire had to close down its non-essential IT network and urged patients not to attend the hospital if it wasn’t an emergency. Other affected locations included NHS Glasgow, Dumfries and Galloway, Forth Valley and the Western Isles. Health Secretary Shona Robinson said they were aware of the number of health boards affected by potential cyber incidents and that the first minister would chair a resilience meeting in the next hours.
Cybersecurity firm Avast confirmed it tracked down more than 75,000 attacks in 99 countries and noted that the majority of the attacks targeted Ukraine, Russia, and Taiwan. Experts warned that online extortion attempts by hackers are becoming a growing menace. The hackers attacked British hospitals as many of them have outdated IT systems, and are an easy and tempting target for cyber attacks.
British Prime Minister Theresa May said that security officials had not found evidence pointing that patient data was compromised in the attack and added that the hackers had not specifically targeted the National Health Service.
“It’s an international attack and a number of countries and organizations have been affected,” said May, according to The Washington Post.
NHS Digital, the company that oversees Britain’s hospital cyber security, said the attack used the Wanna Decryptor variant of malware. The malware can infect and lock computers, granting time for the attackers to demand a ransom.
Users posted pictures on social media of NHS computers during the attack, where is seen that the hackers demanded a payment -per infected computer- of $300 worth of Bitcoin. The image also shows that the hackers explain that the computer files have been encrypted and the only way to decrypt them is paying. They even attached a clock with the time left to make the payment.
Hackers could have gotten access due to leaked CIA information
Alan Woodward, visiting professor of computing at the University of Surrey, said there was evidence the ransomware was developed using a Microsoft flaw that was recently exposed in a leak of information from U.S. intelligence agencies. Recently, WikiLeaks published evidence of old CIA’s hacking tools to gain access to certain phones, computers, and even TVs. Woodward believes the affected computers had probably not applied the Microsoft patch or they were running old operating systems for which the patch was not available.
“I don’t believe it will have been a targeted attack, but will simply have been that the ransomware has sought out those organizations that are running susceptible devices,” said Woodward, according to The Washington Post.
A patient called Tom Griffiths attended Bart’s Hospital in London for his chemotherapy treatment and said that the nurse showed him her computer screen, which had a clock ticking down and stating that all data would be deleted unless a payment was received within the timeframe.
NHS Digital said the cyber attack was not specifically targeted at them and noted that organizations across a range of sectors were also affected. The National Health Service initially reported that it hit 16 NHS organizations, but other reports were later informed.
Ransomware attacks are on the rise
Spain was also affected by the ransomware, and the country activated a special protocol that protects critical infrastructure, as a response to the massive infection of corporate and personal computers. The National Center for the Protection of Critical Infrastructure stated that they were working with more than 100 providers of energy, telecommunications, transportation and financial services about the attack.
The Spanish government reported that several companies, including Telefonica, had been targeted in ransomware cyber attacks that infected the Windows operating system of some employees’ computers. They stated that the attacks were conducted with a version of WannaCry ransomware.
Britain’s National Cyber Security Centre, a branch of the GCHQ electronic intelligence agency, said it is working with police and health officials to investigate the attack. The British government has said multiple times that cyber attacks are a threat to critical infrastructure and the economy. The National Cyber Security Center added that it had detected 188 “high-level” cyber attacks in the last three months.
Ransomware attacks are the latest trend in cyber attacks around the world. In February 2016, the Hollywood Presbyterian Medical Center in California admitted it had paid a $17,000 ransom to regain control of their computers from hackers.
Source: The Washington Post