A security camera stands outside the main Telefonica headquarters in Madrid on Friday. The Spanish government said several companies including Telefonica had been targeted in ransomware cyberattack that affected the Windows operating system of employees' computers. (Photo: Paul White/AP via CP)As similar widespread ransomware attacks were reported in Spain, Romania and elsewhere, experts warned that online extortion attempts by hackers are a growing menace. Hospitals, with their often outdated IT systems and trove of confidential patient data, are a particularly tempting target. British Prime Minister Theresa May said there was no evidence that patient data had been compromised in the attack, and that it had not specifically targeted the National Health Service. "It's an international attack and a number of countries and organizations have been affected," she said. NHS Digital, which oversees U.K. hospital cybersecurity, says the attack used the Wanna Decryptor variant of malware, which infects and locks computers while the attackers demand a ransom.
Pictures posted on social media showed screens of NHS computers with images demanding payment of $300 worth of the online currency Bitcoin, saying: "Ooops, your files have been encrypted!" Alan Woodward, visiting professor of computing at the University of Surrey, said there was evidence the ransomware was spreading using a Microsoft flaw exposed in a recent leak of information from U.S. intelligence agencies. He said the affected computers likely had not applied the Microsoft patch or were running old operating systems for which no patch was available. "I don't believe it will have been a targeted attack, but will simply have been that the ransomware has sought out those organizations that are running susceptible devices," he said. Tom Griffiths, who was at Bart's Hospital in London for chemotherapy treatment, said a nurse showed him her computer screen, which carried an image of a padlock.
"It's an international attack and a number of countries and organizations have been affected." —Theresa May
An exterior view shows the main entrance of St Bartholomew's Hospital, in London, one of the hospitals whose computer systems were affected by a cyberattack on Friday. (Photo:Matt Dunham/AP via CP)"It had a countdown clock ticking down, stating that all data would be deleted unless a payment was received within that timeframe," he said. NHS Digital said the attack "was not specifically targeted at the NHS and is affecting organizations from across a range of sectors." It initially said 16 NHS organizations had reported being hit, and more reports came in as the day went on. Spain, meanwhile, activated a special protocol to protect critical infrastructure in response to the "massive infection" of personal and corporate computers in ransomware attacks. The National Center for the Protection of Critical Infrastructure says Friday it was communicating with more than 100 providers of energy, transportation, telecommunications and financial services about the attack. The Spanish government said several companies had been targeted in ransomware cyberattack that affected the Windows operating system of employees' computers. It said the attacks were carried out with a version of WannaCry ransomware that encrypted files and prompted a demand for money transfers to free up the system.
Cancer patients had to be sent home after hospital systems went downSpain's Telefonica was among the companies hit. Bart's Health, which runs several London hospitals, said it had activated its major incident plan, cancelling routine appointments and diverting ambulances to