China's banking regulator to step up protection after cyber attack

Patients using Queen Mary's Hospital in Sidcup were unaffected by the cyber attack which swept across the NHS last week.

HSE STAFF WERE told to turn on their computers when they got to work this morning - but not to log in - to allow for anti-virus capability to activate in the wake of a massive global cyber attack.

NHS computer systems are returning to normal after the ransomware cyber attack, health secretary Shona Robison has said.

The WannaCry malware is shaping up to be one of the largest of its kind, infecting almost a quarter-million computers in 150 nations since it was launched on Friday.

The security firm Kaspersky Lab, based in Russian Federation, noted that Microsoft had repaired the software problem that allows back-door entry into its operating systems weeks before hackers published the exploit linked to the NSA, but noted: "Unfortunately it appears that many users have not yet installed the patch".

The attacks exploit a vulnerability in outdated versions of Microsoft Windows that is particularly problematic for corporations that don't automatically update their systems.

Tom Bossert, US President Donald Trump's homeland security adviser, said people "should be thinking about this as an attack that for right now we have under control, but as an attack that represents an extremely serious threat".

Ms Rudd said the National Crime Agency (NCA) and the National Cyber Security Centre (NCSC) were now part of an "international manhunt" to find the perpetrators.

Even after payment, the ransomware doesn't automatically release your computer and decrypt your files, according to security researchers.

"Most people are not paying this, so there are not a lot of money being made with this by criminal organisations so far", he said.

Security firm Digital Shadows said on Sunday that transactions totaling $32,000 had taken place through Bitcoin addresses used by the ransomware.

"An equivalent scenario with conventional weapons would be the United States military having some of its Tomahawk missiles stolen".

"For users that are rightfully concerned about another WannaCry wave, updating their system to remove the vulnerability that it targets and blocking SMB traffic (Ports 139 and/or 445) to any system that can't be updated is critically important", he said.

At least one Australian business has fallen victim to the ransomware attack and there are investigations into two other reports, the federal government says.

This does indicate that attacks, both from the WannaCry authors and other cybercriminals, will likely continue and, despite patches being available, many systems will likely remain vulnerable for some time to come. "Most of those systems will have been patched by now, but a significant proportion won't have been".

The attack therefore spread faster than previous, smaller-scale ransomware attacks.

  • Arturo Norris