A widespread cyberattack making use of stolen National Security Agency tools has crippled computer systems in more than 90 countries across Asia and Europe, including the English healthcare system — the National Health Service.
The attack, circulated via email, corrupted accounts with “ransomware” files that locked users out of their computers. The attack exploited tools created by the NSA, according to the New York Times. Affected computers displayed a demand that the user pay the equivalent of $300 in Bitcoin, the untraceable cryptocurrency, with the warning “you only have three days to submit the payment…after that the price will be doubled.” If a payment is not made within a week, files will be permanently deleted, the threat continued.
While the total number of affected machines is not known, up to 28 NHS organizations across England have been hampered by the attack, according to the BBC. Prime Minister Theresa May said the British government is “not aware of any evidence that patient data has been compromised.”
Still, the NHS may have been vulnerable to an attack because it was running on outdated Microsoft software that was not supported by the company any more, according to a report from Silicon, a English IT news site.
A hacker group dubbed “The Shadow Brothers” launched the ransomware, according to the New York Times. Microsoft issued a patch to combat the ransomware in March, but outdated systems are still susceptible to the virus.
Kaspersky Lab, a Russian cybersecurity firm, has recorded more than 45,000 attacks, according to the New York Times Times. If the hackers were to receive a payout from every computer affected by the virus, it’d account for nearly $14 million.
Microsoft issued a patch for the attack, which you can find here.