A ransomware virus has reportedly targeted organisations in more than 70 countries, including the Russian Interior Ministry and the NHS in the UK.
Friday’s attacks came via a technique used by hackers that locks a user’s files unless they pay the attackers in bitcoin. Computers affected by the virus went into lockdown by a programme that demanded $300 for the files to be unlocked.
Security software company Avast reported “more than 57,000 detections”.
“We have observed a massive peak in WanaCrypt0r 2.0 (aka WCry) ransomware attacks today, with more than 57,000 detections so far,” Avast said on its blog.
“According to our data, the ransomware is mainly being targeted to Russia, Ukraine and Taiwan, but the ransomware has successfully infected major institutions, like hospitals across England and Spanish telecommunications company, Telefonica.”
Hospitals and doctors’ surgeries across Britain were forced to turn away patients and cancel appointments after the cyberattack crippled some computer systems in the country’s health service.
The National Health Service (NHS) said 16 organisations had been affected by the attack.
It said in a statement that the NHS had not been specifically targeted, adding that the attack was affecting organisations from across a range of sectors.
“The investigation is at an early stage but we believe the malware variant is Wanna Decryptor,” the NHS said.
“At this stage we do not have any evidence that patient data has been accessed.”
Britain’s National Cyber Security Centre, part of the GCHQ spy agency, said it was aware of a cyber incident and was working with the NHS and the police to investigate.
“It certainly caused a meltdown in their [hospitals’] email servers, crashed computers, and then a message came up with a threat of a ransom, that all the files will be deleted permanently if the payment was not made,” Al Jazeera’s Sonia Gallego, reporting from the UK capital, London, said.
FedEx said it was experiencing issues with some of its Windows systems in relation to the attack.
“Like many other companies, FedEx is experiencing interference with some of our Windows-based systems caused by malware,” a spokeswoman said in a statement.
Also on Friday, Spain’s government said a large number of companies, including telecommunications giant Telefonica, had been attacked by cyber criminals who infected computers with ransomware.
Hospitals across England reported the cyber attack was causing huge problems to their services and the public in areas affected were being advised to seek medical care only for emergencies.
A reporter from the Health Service Journal said the attack had affected X-ray imaging systems, pathology test results, phone systems and patient administration systems.
The Barts Health group, which manages major central London hospitals including the Royal London and St Bartholomew’s, said it had activated a major incident plan and had cancelled routine appointments.
“We are experiencing a major IT disruption and there are delays at all of our hospitals,” it said.
“Ambulances are being diverted to neighbouring hospitals.”
Derbyshire Community Health Services said in a Twitter post: “We are aware of a major IT secure system attack. All IT systems have been temporarily shut down.”
Blackpool Hospitals NHS Trust, which includes six hospitals, said: “Please don’t attend A&E unless it’s an emergency,” and, “Please avoid contacting your GP practice unless absolutely necessary.”
There was no immediate comment from the health ministry or from Prime Minister Theresa May who was out campaigning in northeast England ahead of the general election on June 8.
Britain’s opposition Labour Party said the attack on English hospitals showed the need to place cyber security at the heart of government policy.
“This incident highlights the risk to data security within the modern health service and reinforces the need for cyber security to be at the heart of government planning,” Labour’s health spokesman Jonathan Ashworth said.