Hackers breach computers in 12 countries using stolen NSA tools – ThinkProgress

Patrick Ward, 47, a sales director at Purbeck Ice Cream, from Dorset in England, poses for photographs after giving media interviews after his heart operation scheduled today was cancelled because of a cyberattack, outside St Bartholomews Hospital in London, Friday, May 12, 2017. A large cyberattack crippled computer systems at hospitals across England on Friday, with appointments canceled, phone lines down and patients turned away. CREDIT: AP Photo/Matt Dunham

Employees and patients across multiple UK National Health Service facilities were displaced on Friday thanks to a large-scale cyberattack on network computers across Eurasia, including Great Britain, Portugal, Spain, Russia, Turkey, Vietnam, the Philippines, and Japan.

Doctors and hospital staff were locked out of patient files and forced to relocate emergency patients, the Guardian reported. The attack made use of ransomware, a type of malware that restricts file and system access by encrypting data. The hackers then demand payment in exchange for decrypting the data and restoring access. Patient records, emails, schedules, and phone lines were all ensnared in the attack.

British health officials said its systems were not the target of the attack. But security experts believe the vulnerability exploited during the attack was discovered by the NSA, and was included among the many cyber tools previously stolen from the American intelligence community earlier this year, the New York Times reported. The ransomware was distributed via email.

Hospitals and telecom companies in western Europe, Russia, and Asia were also affected, the MalwareHunterTeam told the New York Times.

The hackers demanded each user pay $300 in bitcoin to a specific bitcoin account in the next three days, potentially totaling thousands of dollars worth of bitcoin. The ransom doubles if payments arent made in that time, according to the hackers message obtained by the Guardian, and files will be kept restricted forever if payment isnt received in seven days.

Ransomware attacks arent a new occurrence, and they often work. U.S. hospital systems were recently victimized by similar attacks. A Los Angeles hospital systemHollywood Presbyterian Medical Centerpaid a $17,000 bitcoin ransom in February 2016 after patient files and data were held hostage for two weeks. The systems CEO Allen Stefanek said paying was in the best interest of restoring normal operations.

Medstar, a Washington, D.C. area hospital system, was attacked the following month and had to turn away patients. Hackers gave the hospital system, which treats 30,000 people across 10 hospitals and 250 outpatient centers, 10 days to pay $19,000 in bitcoin, the Washington Post reported.

The FBI investigated both attacks, and previously reported an uptick in ransomware hacks in recent years.

Originally posted here:
Hackers breach computers in 12 countries using stolen NSA tools - ThinkProgress