UK NHS ransomware cyberattack spreads across the globe

A ransomware attack on the National Health Service in the United Kingdom has spread into other countries, with hospital staff in the U.K. unable to access patient data, ambulances being diverted and patients planning on visiting some departments being told to stay away. 

The hack began by effecting hospitals in the north, southwest and south of England, with East and North Hertfordshire NHS reporting IT problems as a result of the attack. By late afternoon Friday, CNN reported more than 45,000 computer attacks had taken place in over 74 countries in the last 10 hours.

"The investigation is at an early stage but we believe the malware variant is Wanna Decryptor,” a spokesperson for NHS Digital said. “This attack was not specifically targeted at the NHS and is affecting organizations from across a range of sectors.”

Wanna Decryptor is a malware tool reportedly developed by the National Security Agency which has been leaked online by a group of hackers known as the "Shadow Brokers." 

Photos of the attack show a message demanding $300 in bitcoin in exchange for the decryption key which would unlock the files, with the threat of increasing the ransom on May 15 and deleting the files on May 19. 

"Microsoft released a patch earlier this year to address the vulnerability, but it appears that a number of hospitals and other users have not applied the patch,” said Creighton Magid, a partner at the international law firm Dorsey & Whitney and expert in product liability who has worked extensively with the Consumer Product Safety Commission. “Like the DDOS attack last October, this attack shows that interconnected devices and systems are vulnerable to attack by nations, non-state actors and just plain crooks.”

According to The Guardian, the ransomware attack has also infiltrated major international corporations such FedEx, Telefónica in Span and Portugal and computers in Russia, Ukraine and Taiwan.

“Although much of the focus in cybersecurity is in preventing data breaches, this attack points to the potential for an entirely different type of damage: shutting down entire businesses, hospital systems, banks and critical infrastructure,” said Magid. “Let’s hope that the attack on the National Health Service in Britain is simply a matter of inconvenience, and that nobody is denied essential care. But what happens if someone is, and is harmed as a result?  What if a US hospital were attacked similarly, and someone’s health were to be seriously impacted. Beyond the human tragedy, it would suggest possible new liability targets, starting with the hospital that failed to ensure that it had updated all of its patches.” 

Clinical Innovation & Technology's request for a comment from the Office of the National Coordinator for Health IT (ONC), including whether the attack has affected any U.S. hospitals, was not returned.