Ransomware Attacks Hit Computer Systems In Dozens Of Countries | KUOW News and Information

Ransomware Attacks Hit Computer Systems In Dozens Of Countries

May 12, 2017
Copyright 2017 NPR. To see more, visit http://www.npr.org/.

AUDIE CORNISH, HOST:

Cyber extortion attacks spread across the world today. They hit organizations ranging from a telecom giant in Spain to the National Health Service in England to FedEx here in the States. The attacks used ransomware which demands payment before allowing users to access their own data again. I'm joined now by NPR tech reporter Aarti Shahani. And, Aarti, talk a little bit more about what's been going on today. What's the latest?

AARTI SHAHANI, BYLINE: Yeah, it's been quite a day. Over in the U.K., there was a massive attack. More than 30 facilities in England's National Health Service were crippled. Doctors and nurses were locked out of patient records. Now, according to officials there, it's important to note it doesn't necessarily mean that patient files themselves were stolen. All that's clear is that health care servers were broken into, and the data was encrypted, scrambled up and held hostage inside the network, not necessarily taken outside the network.

We also learned today about Telefonica, as you mentioned, the phone carrier in Spain being hit, FedEx being hit. The U.S. Department of Health and Human Services says there is evidence of this attack occurring inside the United States, though it's important to note they did not cite any specific attacks against hospitals or health care facilities. One cybersecurity firm is saying in all what they've counted is 45,000 attacks in as many as 74 countries.

CORNISH: And is there a sense that this is the same attack everywhere?

SHAHANI: We don't know, and we definitely cannot assume it. NHS Digital, which manages IT and data for England's National Health Service, they believe the specific kind of malware that targeted them is something called Wanna Decrypter. That's a ransomware attack. And it's, you know, totally different from the kinds of attacks that shut down a website, for example. So, you know, you might recall last October there were a bunch of sites like Twitter and Spotify taken down. Users couldn't visit them, access them.

This string of attacks today is much more pernicious because hackers are literally shutting down a company's access to the valuable data that they're keeping in-house like a patient record. So you can imagine, you know, I'm a doctor going to look up John Smith's chart for his triple bypass surgery, and I can't get that chart. So it's sort of devastating blow. And a strange detail about the solution is to get back the data you have to pay the ransom in Bitcoin cryptocurrency, which is an anonymous way to hand over cash.

CORNISH: Aarti, you've been talking all day with computer security experts researching this. What are you hearing?

SHAHANI: Well, I'm hearing very different things. What happens inevitably after a big attack is security experts are collecting samples of the malicious software. They're getting these samples from their own clients or through other researchers or on the Internet. They're examining it. And they disagree about what exactly may have happened. One expert tells me that according to what he's seen in his research, it was an email attack. Someone opened an attachment and fell prey.

Another expert told me something far more shocking, unsettling. According to his research, you know, you didn't even have to open an attachment, he says. It looks like the malicious software could have just wormed its way into the operating system, into the servers without human error, without that person, you know, opening that email that says win a free iPad.

CORNISH: We've been talking about hospitals and, you know, big corporations. What about individuals? What can they do to protect themselves from this attack?

SHAHANI: Yeah. You know, I definitely think today raises - it's a dramatic example of something you can definitely take a sort of personal lesson from. One very basic lesson is when you keep seeing that annoying alert about do you want to update, you know, your system, do you want to install the patch, just do it. It's worth doing it. You know, you save yourself from sort of potential dangers and headaches of this kind of thing happening.

The other thing is it's important to have an antivirus program to screen for malicious email. And one last thing I'd say that's really unique to today or a dramatic example is that, you know, if you backup your data on a trusted cloud service or an external drive, if you're ever the target of a ransomware attack, it won't really matter 'cause you have your data elsewhere. It's not held hostage.

CORNISH: That's NPR's Aarti Shahani. Thanks so much.

SHAHANI: Thank you. Transcript provided by NPR, Copyright NPR.