Britain to arrest criminal behind NHS cyber attack: Home Secretary

Adjust Comment Print

Employees booting up computers at work Monday could see red as they discover they're victims of a global "ransomware" cyberattack that created chaos in 150 countries and could wreak even greater havoc as more malicious variations appear.

Experts expressed concern that there would be a resurgence in attacks when people return to work.

The criminals behind this attack based the WannaCry ransomware on a National Security Agency (NSA) exploit that was leaked earlier this year.

The NHS says it employs more than 1.5 million people, making it one of the world's biggest employers along with the U.S. Department of Defense, Walmart and the Chinese army.

However, a kink in the hackers' plan happened when a cyber security expert in the United Kingdom accidentally stopped the hack by registering a domain the ransomware was trying to connect to, but that doesn't mean the whole thing can't be restarted with a few code changes. Health secretary Jeremy Hunt has confirmed there has not been a second wave of cyber attacks on NHS trusts since the attacks on Friday. In China, universities and other educational institutions were hardest hit because they have older computers and are slow to update their operating systems and security.

The attack involved a malware called Wanna Decryptor, which encrypts files on a user's computer, blocking them from view and demanding a payment to release them.

Rouhani looks to beat hard-liner as Iran prepares to vote
Some experts say Iranian establishment figures may want to keep Rouhani in power to avoid being cast back into isolation. Ayatollah Khamenei added that the judgment of the two groups would be premised on the people's turnout on elections day.

A spokesman for NHS Digital said: Our understanding is that if that had been acted on it would have prevented (the malware attack). The police also strongly advise against paying the "ransom" to regain access to your computer if you have been affected.

Security agencies have so far not been able to identify who was behind the attack.

A number of hospitals in England and Scotland were forced to cancel procedures after dozens of NHS systems were brought down in Friday's attack.

Ryan Kalember, senior vice president at Proofpoint Inc, said on Sunday that millions of devices could be vulnerable if they haven't applied security patches over the weekend.

Professor Clark said ransomware represented a growing threat to computer users but pointed out that this virus was not new and a "patch" had already been completed to protect newer operating systems but not "obsolete" ones like Windows XP.