Panic over global cyber attack

ABOUT 40 United Kingdom National Health Service (UK NHS) trusts has been targeted by hackers in an international cyber attack that hit 45,000 computer systems worldwide

“This is only the beginning” an expert has warned, as he likened infected computers to “zombies” who will keep spreading the ransomware virus which nearly brought the NHS to its knees.

Alleged hacker, Lauri Love said the “top of the range cyber weapon”, believed to have been stolen from the NSA by sinister hackers the Shadow Brokers, said he expected the virus to spread across the globe.

In different senarios, a mother, Emma Simpson, took her son Sebastian to a Barts Health hospital for an X-ray on his broken toe and was told systems were down.

A man, Patrick Ward, from Dorset had his heart operation scheduled for Saturday, but it was cancelled because of a NHS cyberattack

UK Home Secretary, Amber Rudd said all but six of the 48 hospital trusts hit by the virus are now running as normal.

But Love, who is accused of stealing US data in an unconnected case, told Sky News: “I’m sad to say that this is probably only just beginning; administrators are in for a very difficult weekend.

“We should expect to see this in almost every country in the world.

“If you’ve been infected, not only have your files been encrypted and you’re being held to ransom, but your machine is being used as a zombie to attempt to affect other machines on the internet.”

Anonymous hero

Despite Love’s warning, one Brit blogger appeared to stop the virus in its tracks – by accidentally discovering a way to halt it spreading.

The anonymous “hero” found that by registering a simple website name for less than a tenner, he caused the malware to “exit” every time it infected a new machine.

It comes as the NHS was slammed by a top minister for failing to protect computers from the massive cyber attack.

Europol is working with countries hit to rein in the threat, help victims and track down the perpertrators.

Hundreds of operations have been cancelled and patients turned away from Accident and Emergency units at hospitals across the UK, while Sunderland’s Nissan plant was hit Friday night.

Home Secretary Amber Rudd slammed the NHS and said it was “disappointing” it had failed to update its systems, which she claims Health Secretary Jeremy Hunt had ordered health trusts to do.

Some NHS trusts are understood to be still using the outdated operating system Windows XP, which Microsoft stopped supporting in 2014.

Others may have failed to install a “critical” software update in March which would have protected them against the virus, experts warned.

The tools used to carry out the hack – dubbed a superweapon – are thought to be a surveillance tool developed by the US’s National Security Agency to spy on terrorists and enemy states.

The “exploit”, called EternalBlue, was stolen and dumped online by the sinister Shadow Brokers last month.

Prime Minister Theresa May, thanked NHS staff for working overnight to make sure patient records hadn’t been affected.

The massive security breach has sparked concerns over countries hoarding intelligence for offensive purposes instead of alerting tech companies to potential flaws.

Home Secretary Rudd told Sky News that no patient data had been stolen, but the government didn’t yet know who launched the attack or whether it was directed by a foreign government.

A map showed the spread of the virus, which has now infected computers in 99 countries

She told BBC Radio 4’s Today programme the virus wasn’t directly targeting NHS and “feels random”.

Dr Krishna Chinthapalli, a neurology registrar at the National Hospital for Neurology and Neurosurgery in London, made the prediction in an article in the British Medical Journal.

In December, 90 per cent of NHS trusts were reportedly still using the ageing operating system Windows XP – which Microsoft stopped supporting in 2014.

Ms Rudd said: “Windows XP is not a good platform for keeping your data as secure as the modern ones, because you can’t download the effective patches and anti-virus software for defending against viruses.”

She said the CQC does cyber checks on hospitals, adding: “I think that after this experience, I would expect them all to move forward with modernising.”

Ms Rudd insisted the UK is a world leader in cyber security, saying: “So far, all we have seen is patients inconvenienced, some hospitals, some doctors making changes to their daily life.

“But the fact is no data has yet been accessed and the NHS are brilliantly managing to weave through this disruption.”

And for those computers running newer systems, Microsoft reportedly provided a free software update to provide protection in March.

Ross Anderson, of Cambridge University, told The Guardian the “critical” software patch may not have been installed across NHS computers.

Europol said on Saturday the global cyber attack was on an “unprecedented level”.

It comes a day after US President Donald Trump signed an executive order targeting the government’s vulnerability to cyber threats.

A major operation has been launched by the National Cyber Security Centre in response to the massive attack.

Trusts across the country were affected by the large scale attack

Among the patients affected was Anthony Brett, 50, due to have a stent put in his liver for cancer treatment at St Bartholomew’s Hospital in London on May 12, who was told his records couldn’t be accessed.

And a 61-year-old man due to go under the knife for major heart surgery after months of waiting was left distraught when it was cancelled at the eleventh hour due to the hack.

However, there are no reports of the hack compromising vital systems such as life support machines.

Some NHS trusts were unable to carry out emergency MRI and CT scans as doctors reverted to using pen and paper amid the chaos.

One doctor tweeted minutes after the attack: “Massive NHS hack cyber attack today. Hospital in shut down. Thanks for delaying emergency patient care & endangering lives.”

Staff described computers going down one by one as the devastating attack took hold, as experts now say they warned of vulnerabilities in the systems for months.

Prime Minister May said Friday evening the massive cyber attack was part of a wider international attack.

Earlier in the day, the same ransomware hit Telefonica – the owner of O2 – and other huge organisations in Spain.

Nissan’s Sunderland plant has been hit by the attack, while Renault confirmed its French sites had been forced to cease production.

Cyber attacks have been reported in Italy, Portugal, Russia, Vietnam, Kazakhstan and Taiwan.

Intelligence services in Romania said they intercepted an attempted cyber attack on a government institution likely to have come from the cybercriminal group known as Fancy Bear.

And Russia’s Interior Ministry also came under attack, as well as courier firm FedEx.

China’s Xinhua news agency said some of its schools and universities had been hit.

Even Germany’s main train operator Deutsche Bahn appeared to have been attacked as images of a train timetable with the hacker’s warning message appeared on social media.

Scotland has seen 11 out of 14 health boards affected by the attack where those behind it demanded a bitcoin ransom in what is believe to be the biggest ransomware outbreak in history.

Computers in thousands of locations were locked by a programme that demands payment of $300 (£230) in bitcoin – ransom notes in 30 different languages were created according to a security expert.

Pictures posted on social media showed screens of NHS computers with images demanding payment saying: “Ooops, your files have been encrypted!”

It adds: “Maybe you are looking for a way to recover your files, but do not waste your time.”

They warned the sum would be doubled if it was not paid within three days.

Head of communication at Wirex, the world’s biggest bitcoin debit card company, Imran Khan, said the fact that the hackers have demanded payment in bitcoin may be their undoing, due to the technology working behind it.

At least 10 payments of about 300 US dollars had been made to the hackers bitcoin accounts by the evening but despite the public transaction it cannot be seen who made the payments – one address had already been paid more than $150,000, Chris Doman told Sky News.

The BBC reported that nurses at the Royal London Hospital were unable to print identity tags to go around the wrists of newborn babies.

GP practices, pharmacies and universities are also thought to have been affected by the attack.

This is not the first time the NHS has been hit by a cyber attack but it is the first of this scale.

Former MI6 director Nigel Inkster said attacks like this one have become “increasingly common” while other experts warned the NHS is likely to fall victim again in the future.