A massive cyberattack and Wanna Decryptor ransomware have hit at least 16 UK hospitals, and Britain's healthcare officials are telling citizens to only seek care if it's truly an emergency, multiple reports say. Also, reports of ransomware attacks are spreading across Italy and the Ukraine, though media reports don't know if the attacks are coordinated.
According to a statement from Britain's National Health Service:
"A number of NHS organisations have reported to NHS Digital that they have been affected by a ransomware attack.
The investigation is at an early stage but we believe the malware variant is Wanna Decryptor.
This attack was not specifically targeted at the NHS and is affecting organisations from across a range of sectors.
At this stage we do not have any evidence that patient data has been accessed.
NHS Digital is working closely with the National Cyber Security Centre, the Department of Health and NHS England to support affected organisations and ensure patient safety is protected.
Our focus is on supporting organisations to manage the incident swiftly and decisively, but we will continue to communicate with NHS colleagues and will share more information as it becomes available."
What is Wanna Decryptor?
According to Wired:
"Wanna Decryptor is a so-called encryption-based ransomware also known as WannaCry or WCRY, Travis Farral, director of security strategy for Anomali told WIRED. It encrypts users files using AES and RSA encryption ciphers meaning the hackers can directly decrypt system files using a unique decryption key.
In previous Wanna Decryptor attacks, victims have been sent ransom notes with “instructions” in the form of !Please Read Me!.txt files, linking to ways of contacting the hackers. Wanna Decryptor changes the computer's wallpaper with messages asking the victim to download the decryptor from Dropbox before demanding hundreds in bitcoin to work."
Cyberattack: Extending Across Europe?
According to a New York Times report: "An extensive cyberattack hit Britain’s National Health Service on Friday, blocking doctors from gaining access to patient files, causing emergency rooms to divert patients and stoking fears about hackers’ ability to wreak havoc on vital public services."
The Times added:
- Spanish and Portuguese companies, including Telefónica, Spain’s largest telecom operator, experienced a similar attack.
- Reports of ransomware attacks have hit Italy and Ukraine. It was not immediately clear if the attacks were coordinated or related.
Stay tuned to ChannelE2E today for breaking news updates on this massive attack.
Next From ChannelE2E: Safeguarding Customer Assets
And check ChannelE2E's home page later this month for a massive, detailed 200-page report that describes exactly how MSPs, partners and businesses can build security practices that safeguard customer assets.