NHS cyber attack: Ransomware used in huge hack is now spreading across the world

The malware is brand new

Andrew Griffin
Friday 12 May 2017 17:30 BST
Comments
NHS hit by major cyber attack

Your support helps us to tell the story

From reproductive rights to climate change to Big Tech, The Independent is on the ground when the story is developing. Whether it's investigating the financials of Elon Musk's pro-Trump PAC or producing our latest documentary, 'The A Word', which shines a light on the American women fighting for reproductive rights, we know how important it is to parse out the facts from the messaging.

At such a critical moment in US history, we need reporters on the ground. Your donation allows us to keep sending journalists to speak to both sides of the story.

The Independent is trusted by Americans across the entire political spectrum. And unlike many other quality news outlets, we choose not to lock Americans out of our reporting and analysis with paywalls. We believe quality journalism should be available to everyone, paid for by those who can afford it.

Your support makes all the difference.

The malware used in the huge NHS hack is now spreading across the world.

The problems are hitting people and companies across Europe and Asia, according to experts.

The ransomware – which locks down files until money is paid – is a new version that is rapidly spreading across the world. It is known as Wanna Decryptor.

Though the problem has become most famous for the damage it has done to NHS systems, the effects have focused most specifically on Spain and Russia, according to experts.

“This cyber attack is much larger than just the NHS," said Travis Farral, director of security strategy for cyber security firm Anomali Labs. "It appears to be a giant campaign that has hit Spain and Russia the hardest."

Some people are already paying to get their files back, Mr Farral said.

Wanna Decryptor, the malware that is being used, has been known to cyber security experts for weeks. But the version spreading across the internet has just been updated, according to reports.

"The ransomware used in this attack is relatively new - it was first seen in February 2017, and the latest variant emerged earlier today," said Aatish Pattni from cyber security firm Check Point.

"Even so, it's spreading fast, with organisations across Europe and Asia being hit.

"It shows just how damaging ransomware can be - and how quickly it can cause disruption to vital services.

"Organisations need to be able to prevent infections taking hold in the first place, by scanning for, blocking and filtering out suspicious files content before it reaches their networks.

"It's also essential that staff are educated about the potential risks of incoming emails from unknown parties, or suspicious-looking emails that appear to come from known contacts.

Join our commenting forum

Join thought-provoking conversations, follow other Independent readers and see their replies

Comments

Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in