- ITV Report
- 14 May 2017 at 5:42am
Experts warn another attack could come as soon as Monday Credit: PA
International efforts are under way to track down the perpetrators behind a cyber attack which threw the NHS into chaos and affected businesses across the world. Europol, the EU’s police agency, revealed on Sunday that 100,000 organisations across at least 150 countries were targeted, and there are fears that many more people may be hit by the virus on Monday when they return to work. Speaking on ITV’s Peston on Sunday, Europol director Rob Wainwright warned that “all sectors” were vulnerable to attack1 and urged organisations to ensure they updated their systems.
At this time the identity of the attackers who deployed the ransomware bug remains unknown. But Europol said its cybercrime specialists had begun a “complex international investigation” to identify the culprits. And Oliver Gower from the National Crime Agency, said: “Cyber criminals may believe they are anonymous but we will use all the tools at our disposal to bring them to justice.”
Forty-five NHS division were affected by the attack Credit: PA
Europol said the current challenge was the fast-spreading capabilities of the malware, which locks up data and demands a payment for it to be released.
However, it appears that few have paid the ransom the software demands. Meanwhile a British cyber security researcher known online as MalwareTech has warned that another attack could come as soon as Monday. He was hailed an “accidental hero” after helping prevent the virus from spreading further when he and another researcher stumbled upon a “kill switch”2 in the malware code.
The 22-year-old said: “We have stopped this one, but there will be another one coming and it will not be stoppable by us.
“There’s a lot of money in this . There’s no reason for them to stop . It’s not really much effort for them to change the code and then start over. The NHS systems are believed to have been hit by a ransomware cyber attack using malware called “Wanna Decryptor”.
Version 1 of WannaCrypt was stoppable but version 2.0 will likely remove the flaw . You’re only safe if you patch ASAP.
The attack that began on Friday is believed to be the biggest online extortion attack ever recorded, disrupting computers that run factories, banks, government agencies and transport systems. Forty-five NHS division were affected by the attack . Operations and appointments were cancelled for patients across the country as 48 trusts in England and 13 health boards in Scotland were attacked by the ransomware. Medical staff reported seeing computers go down “one by one” as the attack took hold, locking machines and demanding money to release the data.
An attack on NHS computer systems was ‘always going to happen’ a security expert has said Credit: PA
There have been calls for an inquiry into the circumstances surrounding Friday’s major incident, with the government and NHS chiefs facing questions over their preparedness and the robustness of vital systems. On Saturday a former head of the body managing the NHS’ cyber security system said an online attack on the health service was “always going to happen”. He said although the government has invested in protecting against a cyber attack, it can be “difficult” to ensure trusts spend money on cyber security.
The Home Secretary said patient data does not appear to have been accessed . Credit: ITV News
Speaking after a Cobra meeting on Saturday, Home Secretary Amber Rudd admitted “there’s always more” that can be done to protect against cyber attacks. But she stressed that attack had affected organisations in scores of countries.
“If you look at who’s been impacted by this virus, it’s a huge variety across different industries and across international governments . This is a virus that attacked Windows platforms . The fact is the NHS has fallen victim to this,” she said.
“I don’t think it’s to do with that preparedness . There’s always more we can all do to make sure we’re secure against viruses, but I think there have already been good preparations in place by the NHS to make sure they were ready for this sort of attack.”
More than 70 countries are thought to have been affected by the ransomware bug Credit: Alex Milan Tracy/SIPA USA/PA Images
NHS Digital, which manages the health service cyber security, said fewer than 5 percent of devices within the health service still use the old Windows XP system.
Nissan UK confirmed it was affected3, but said there had been “no major impact”. It is understood its plant in Sunderland is not due to have another production shift until Sunday night. A spokesman said: “Like many organisations around the world, some Nissan entities were recently targeted by a ransomware attack.
“Our teams are responding accordingly and there has been no major impact on our business .
We are continuing to monitor the situation.”
Last updated Sun 14 May 2017
Getty Images / UniversalImagesGroup / Contributor The NHS cyberattack that hit hospitals across the UK is said to have been part of the biggest ransomware outbreak in history, according to Mikko Hypponen from F-Secure. Viruses, trojans, malware, worms – what’s the difference?1
Viruses, trojans, malware, worms – what’s the difference?
Commenting on the news, Hypponen said the Wanna Decryptor attack was unprecedented, while cyber security expert Varun Badwhar said it gave a glimpse of what a “cyber-apocalypse” would look like.
“We’ve never seen something spread this quickly in a 24-hour period across this many countries and continents,” explained Badwhar. “So it’s definitely one of those things we’ve always heard about that could happen and now we’re seeing it play out.” The NHS hack is said to be creeping across the UK with reports of the ransomware attack hitting a range of other organisations in as many as 99 countries . In a statement, NHS Digital2 confirmed a number of NHS organisations had been affected by a ransomware attack . The investigation is at an early stage but we believe the malware variant is Wanna Decryptor3, a spokesperson said. Subscribe to WIRED4 At this stage, we do not have any evidence that patient data has been accessed . We will continue to work with affected organisations to confirm this.
Hackers use ransomware5 to infect a computer or system before holding files hostage until a ransom is paid . It can infect a computer via a trojan, virus or worm. Wanna Decryptor encrypts users files using AES and RSA encryption ciphers meaning the hackers can directly decrypt system files using a unique decryption key . Victims may be sent ransom notes with instructions in the form of !Please Read Me!.txt files, linking to ways of contacting the cybercriminals . Wanna Decryptor changes the computer’s wallpaper with messages (as seen in tweets from affected NHS sites) asking the victim to download a decryptor from Dropbox . This decryptor demands hundreds in bitcoin6 to work. Affected machines are said to have six hours to pay, and every few hours the ransom goes up. “Most folks that have paid up appear to have paid the initial $300 in the first few hours,” said Kurt Baumgartner, principal security researcher at Kaspersky Lab.
They added that the attack was not specifically targeted at the NHS because it is affecting “organisations from across a range of sectors” and NHS Digital is working with the National Cyber Security Centre, the Department of Health and NHS England to support affected organisations. The NHS incident appears to be part of a global cybersecurity incident with malware spreading to multiple organisations around the world . Security firm Check Point and Avast have said there have been 75,000 attacks in 99 countries . Telefonica in Spain has been the biggest confirmed incident outside of the UK but it also reports issues in Russia, Turkey, Indonesia, Vietnam, Japan, and Germany.
A spokesman for the National Cyber Security Centre7 and National Crime Agency said they were responding to an “ongoing international cyber incident” and confirmed there was no indication medical data or personal information has been compromised.” The specialist cyber crime officers from the NCA and police forces are now working with hospitals to respond to the attack preserve evidence . Read their advice on protecting yourself from ransomware8. A live map9 tracking the malware has plotted thousands of incidents around the world . Although, it is not confirmed these are all the latest version of the malware . This map tracks incidents of wcrypt and reveals how many of the botnets are online, and offline, in real-time .
A Unique IP chart below the map reveals the number of new botnets coming online, and the total . As of 7.17pm BST, there were 189 new, and 1,821 total botnets (up from nine just an hour earlier.) It is said that 24 NHS organisations have been hit .
The full list is below:
- Mid Essex Clinical Commissioning Group
- Wingate Medical Centre
- NHS Liverpool Community Health NHS Trust
- East Lancashire Hospitals NHS Trust
- George Eliot Hospital NHS Trust in Nuneaton, Warwickshire
- Blackpool Teaching Hospitals NHS Trust
- St Barts Health NHS Trust
- Derbyshire Community Health Services
- East and North Hertfordshire Clinical Commissioning Group
- East and North Hertfordshire Hospitals NHS Trust
- Sherwood Forest NHS Trust
- Nottinghamshire Healthcare
- Burton Hospitals NHS Foundation Trust
- United Lincolnshire Hospitals NHS Trust
- Colchester General Hospital
- Cheshire and Wirral Partnership NHS Foundation Trust
- Northern Lincolnshire and Goole NHS Foundation Trust
- North Staffordshire Combined Healthcare NHS Trust
- Cumbria Partnership NHS Foundation Trust
- Morecombe Bay NHS Trust
- University Hospitals of North Midlands NHS Trust
- NHS Hampshire Hospitals
- Kent Community Health NHS Foundation Trust
- Plymouth Hospitals NHS Trust
- ^ Viruses, trojans, malware, worms – what’s the difference? (www.wired.co.uk)
- ^ NHS Digital (digital.nhs.uk)
- ^ Wanna Decryptor (www.wired.co.uk)
- ^ Subscribe to WIRED (www.wired.co.uk)
- ^ ransomware (wired.uk)
- ^ bitcoin (www.wired.co.uk)
- ^ National Cyber Security Centre (www.wired.co.uk)
- ^ protecting yourself from ransomware (www.ncsc.gov.uk)
- ^ live map (intel.malwaretech.com)
British doctor and his fianc e murdered by former security guard who slit their throats in brutal penthouse attack
A British doctor and his fianc e were brutally murdered after having their throats cut by a former security guard of their luxury penthouse. Dr Richard Field, originally from London, and Dr Lina Bolanos were killed after Bampumim Teixeira burst into their luxury $1.9million Bhome in Boston, Massachusetts, on Friday evening. The terrified anaesthetist managed to send a text to a friend saying an ‘armed man’ had entered their apartment, but by the time police arrived, the couple were already dead.
Inside police found both with their hands tied and throats cut.
Bampumim Teixeira in hospital where he was charged with two counts of murder (Photo: REUTERS) A judge charged Texeira as he lay in hospital (Photo: REUTERS)
Yesterday Teixeira, who officials say wrote a ‘message of revenge’ on the couple s walls, was arraigned on two counts of murder by a judge at his hospital bedside. The 30-year-old was shot in the hand, stomach and leg during a shootout with police before he was detained. He entered two not-guilty pleas at Tufts Medical Centre in Boston.
Before he died Dr Field, 49, had texted a friend saying a gunman in the house . The pal then called police but when they arrived the Brit and Dr Bolanos, 38, were already dead.
Richard Field and Lina Bolanos (Photo: Facebook) Dr Field was originally from London (Photo: Facebook)
Police later found a black backpack in a remarkably conspicuous area”. Inside, the backpack was filled with jewellery, “presumably belonging to Miss Bolanos.
Judge Michael Bolden ordered Teixeira to be held without bail, which was not contested by the accused’s court-appointed defence attorney Steve Sack. Teixeira, of nearby Chelsea, had recently been released from jail, having passed notes demanding money from a bank on two occasions, according to prosecutors. He is next due in court date on June 8.
By the time police arrived, the couple were both dead (Photo: Facebook) The luxury condo where the couple were found butchered (Photo: WBZ)
According to reports Dr Field was born in Hammersmith, west London, and graduated from Sheffield University’s medical school in 1999. Dr Field worked at the Brigham and Women’s Hospital, an affiliate of Harvard Medical School. Paying tribute, one patient wrote on Facebook: “He was an amazing Dr .
who was so kind and compassionate.
“I always said if he ever moved back to England I would follow him . Dr Field changed my life.”
The Foreign & Commonwealth Office has not confirmed his nationality. Dr Bolanos worked at Massachusetts Eye and Ear hospital as a paediatric anaesthetist and was an instructor at the Harvard Medical School.
John Fernandez, the hospital’s president, said: “Dr Bolanos was an outstanding paediatric anaesthetist and a wonderful colleague in the prime of both her career and life.”