Cyberattack: UK working to restore hospital systems, Russian interior ministry admits being hit

(FILES) This file photo taken on January 18, 2013 shows a partial view of French car maker Renault’s headquarters in Boulogne-Billancourt, west of Paris. On May 13, French car maker Renault was hit by a global cyberattack, according to management, that simultaneously affected dozens of countries on May 12. / AFP / BERTRAND GUAY

LONDON: Britain’s National Cyber Security Center said Saturday teams are working “round the clock” to restore hospital computer systems after a global cyberattack that hit dozens of countries forced British hospitals to cancel and delay treatment for patients.
The extortion attack, which locked up computers and held users’ files for ransom, was believed the biggest of its kind ever recorded, disrupting services from the US to Russia, Spain and India. It appeared to exploit a vulnerability purportedly identified for use by the US National Security Agency and later leaked to the Internet.
Two security firms — Kaspersky Lab and Avast — said they had identified the malicious software behind the attack in upward of 70 countries, although both said the attack has hit Russia hardest.
The Russian Interior Ministry confirmed it was among those that fell victim to the “ransomware” — software that locks up a computer and typically flashes a message demanding payment to release the user’s data.
British Home Secretary Amber Rudd said Saturday that 45 public health organizations were hit, but she stressed that no patient data had been stolen. The attack froze computers at hospitals across the country, with some canceling all routine procedures. Patients were asked not to come to hospitals unless it was an emergency.
British media had reported last year that most public health organizations were using an outdated version of Microsoft Windows that was not equipped with security updates.
Elsewhere in Europe, the attack hit companies including Spain’s Telefonica, a global broadband and telecommunications company.
Germany’s national railway said Saturday that departure and arrival display screens at its stations were affected, but there was no impact on actual train services. Deutsche Bahn said it deployed extra staff to busy stations to provide customer information, and recommended that passengers check its website or app for information on their connections.
Other European organizations hit included football clubs in Norway and Sweden, with IF Odd, a 132-year-old Norwegian football club, saying its online ticketing facility was down.
French carmaker Renault also confirmed being hit by the massive wave of cyberattacks sweeping the globe.
“We have been affected,” a spokeswoman told AFP, saying they were assessing the situation to try to find a solution. “Work is going on since last night. We are doing what is needed to counter this attack,” she added.
Car production was halted at sites in France, part of several measures being taken to stop the virus from spreading. Renault also announced Saturday that the cyberattack had forced the company to stop its car production in Slovenia after computers at the headquarters of Renault’s subsidiary Revoz in Novo Mesto were affected, a spokeswoman told AFP.