After a massive ransomeware cyber attack hit hospitals in Britain and organizations around the world last week, technology experts worked through the night to patch computer systems, according to Security Minister Ben Wallace.
The British government said 48 of the 248 health service trusts in the U.K. were impacted by Friday’s attack. Hospitals were forced to turn away patients and cancel appointments. Officials voiced concerned that family doctors’ surgeries could be targeted today.
A virus dubbed WannaCry blocked more than 200,000 computers around the globe, demanding a ransom from users to regain control of their files. Microsoft president Brad Smith reportedly acknowledged in a blog post that the attack used a hacking tool built by the U.S National Security Agency that leaked online in April.
British media credited a 22-year-old computer security expert who helped stop the attack from spreading by discovering an internet address that halted the virus when activated.
It was all hands on deck as cyber security experts in the National Health Service teamed up with the National Cyber Security Centre to patch outdated computer systems last week.
“They have been working I know through the night almost to make sure patches are in place to make sure that hopefully the NHS services can get back to normal,” Wallace told BBC Radio.
Wallace rejected the opposition Labour Party’s claims that underinvestment in the NHS left health services vulnerable to such cyber attacks. He said the government used to contract for computer services across the entire NHS but that effort was halted in 2007. Since then, maintaining protection from cyber attacks has been left up to individual health service trusts.
“It is important to note that the vast majority of NHS organizations report that they are running contemporary IT systems, which are commissioned depending on local need,” the NHS said in a statement.
When asked if the government ignored warnings that the NHS could be vulnerable to cyber attacks, Prime Minister Theresa May told Sky News that the UK healthcare system was given ample warning about the risks posed by out-dated systems.
On Friday, Microsoft released patches to fix a vulnerability in older software.
“The very nature of this particular malware, this sort of ransomware attack, is very potent because unlike more routine ones this one has used a sort of worm to exploit the operating system and bolted on a ransomware so that it spread incredibly quickly in hours not weeks or days,” Wallace said, according to Reuters.
Leaders around the globe responded to Friday’s attacks, which hit at least 150 countries. U.S. President Donald Trump ordered Tom Bossert, homeland security adviser, to conduct an emergency meeting and asses the threat posed by the ransomware attack. Senior security staff reportedly held another meeting in the White House Situation Room on Saturday.
In China today, the WannaCry virus affected traffic police and schools. Nonetheless, officials and security firms seemed optimistic, telling news outlets that the spread was starting to slow.
“The growth rate of infected institutions on Monday has slowed significantly compared to the previous 2 days,” Chinese Internet security company Qihoo 360 said. “Previous concerns of a wide-scale infection of domestic institutions did not eventuate.”
Over the weekend, Qihoo reported that the ransomeware attack infected nearly 30,000 groups by Saturday night.
Some of the attack’s victims were ignoring advice from officials and paying the $300 ransom to unlock their computers, which later doubled to $600.
Victims told Brian Lord, managing director of cyber and technology at cyber security firm PGI, that “the customer service provided by the criminals is 2nd to none.” Lord added that “one customer said they actually forgot they were being robbed.”
Other affected groups included Indonesia’s largest cancer hospital and industrial conglomerate Hitachi Ltd. Officials in India said it had received a few reports of attacks and South Korea’s presidential Blue House office identified 9 cases of ransomware in the country.
Even though the virus’s spread slowed over the weekend, European authorities warned of more attacks on the horizon.
“We should expect similar attacks regularly in the coming days and weeks,” Giullaume Poupard, head of French government cyber security agency ANSSI, said. “Attackers update their software … other attackers will learn from the method and will carry out attacks.”
Material from Reuters was used in this report.