Earlier today, wide swathes of Britain’s health system were brought to their knees in a series of ransomware attacks that reportedly deployed tools created by United States’ National Security Agency. And according to new reports that are coming in even as we speak, the problem may be significantly more widespread than it was originally anticipated to be.
On Friday, a string of hospitals in the UK were unable to cater to patients after they were attacked by a ransomware that messed up data on their systems. The ransomware then proceeded to demand payments in excess of $300 in return for leaving them alone. This led to serious issues and completely disrupted the delivery of medical care to patients.
A ransomware FYI, refers to malicious code that usually operates by locking your computer or by scrambling all the data on it. The victim is then asked to shell out some money before their access to their own systems is restored. Ransomware attacks have been increasing in frequency and complexity since a few years ago, when they first surfaced.
After failing to counter the threat, hospitals in the UK recommended that patients seek medical facilities only in case of emergencies while also canceling routine appointments.
It now appears that the problem is global in nature. Spanish telecommunications firm Telefonica was also laid under siege although it has confirmed that only some computers on its internal network were affected and that services were continuing to function normally.
The threat does not stop here. Not only is it the first piece of self-spreading ransomware, it has already caused one of the largest global ransomware attacks ever seen. And it could cause even more damage as it continues to run unchecked. The biggest threat here is the fact that the ransomware — identified as Wanna Cry — exploits a vulnerability in the Windows operating system to spread across networks on its own. This capability makes it lethal in today’s era, when internal and external computer networks are the norm.
The ransomware is believed to exploit a vulnerability that was released by Shadow Brokers last month. The elusive group had said that they managed to obtain the vulnerability from a bunch of documents that contained information about NSA’s tools. Microsoft did issue a patch on March 14 which should prevent the vulnerability from being exploited however, computers that have not installed the patch continue to remain under threat.
And there are a surprising number of these systems. After all, if Britain’s NHS fell under the pall of the threat, so can a lot of others. Countries affected also include Italy and their are reports stating that Wanna Cry may have reached India as well.
The story is still developing. We will have more information for you as soon as possible.