Up to 74 countries targeted by 'large-scale' cyber-attack

The NHS is among those targeted by 'ransomware'

Up to 74 countries targeted by 'large-scale' cyber-attack

A message on a computer screen informing NHS customers that they are having problems with their IT | Image: PA Images

Updated at 20:21

Up to 74 countries have been affected by the ransomware cyberattack that has struck the NHS, according to experts.

Among the other nations hit by the attack, dubbed 'Wannacry', are Spain, Russia, Ukraine and India, reported the securelist website.

IT systems of around 40 organisations across the NHS were affected by a ransomware attack, in which malicious software encrypts the data on a victim's computer and demands a ransom, usually to be paid in Bitcoin, in order to make the data accessible again.

It appears the bug was delivered via email which had an encrypted, compressed file attached. Once loaded, the hackers had access to the system.

The bug was among the leaked NSA hacking tools. Microsoft has rolled out a patch but the affected hospitals hadn't updated their systems. 

Patient data

NHS Digital, which runs the health service's IT systems, believes it has identified the malware software known as "Wanna Decryptor", which appears to be requesting $300 from victims to decrypt their computers.

"At this stage we do not have any evidence that patient data has been accessed," NHS Digital said, adding that it will "continue to work with affected organisations to confirm this."

"NHS Digital is working closely with the National Cyber Security Centre, the Department of Health and NHS England to support affected organisations and to recommend appropriate mitigations."

The cyber-attack has lead to a number of emergency patients being diverted. The NHS has confirmed the issue and says it will release more information soon. 

East and North Hertfordshire NHS trust, one of the those affected, said in a statement:

"Today, the trust has experienced a major IT problem, believed to be caused by a cyber attack. Immediately on discovery of the problem, the trust acted to protect its IT systems by shutting them down; it also meant that the trust’s telephone system is not able to accept incoming calls."