A cyber attack which crippled more than 200,000 computer systems in 150 countries could strike again on Monday, experts have warned.
The anonymous computer security expert who discovered a ‘kill switch’ which slowed the spread of a virus wreaking havoc across the globe has predicted ‘another one coming… quite likely on Monday’.
The attack which began Friday struck banks, hospitals and government agencies, exploiting known vulnerabilities in old Microsoft computer operating systems.
US package delivery giant FedEx, European car factories, Spanish telecoms giant Telefonica, the NHS and Germany’s Deutsche Bahn rail network were among those targeted.
Europol director Rob Wainwright said he is now ‘worried’ about staff in companies across the globe turning their computers on on Monday.
An international manhunt is now under way for the plotters behind what is being described as the world’s biggest-ever computer ransom assault.
Defence Secretary Sir Michael Fallon has ruled out concerns over the threat of viruses on Trident operating systems – but refused to deny the Government uses the same computer system hit by the hackers.
Meanwhile health authorities are racing to upgrade security software amid fears hackers could exploit the same vulnerability with a new virus.
But Britain’s nuclear deterrent is protected from cyber attacks, Sir Michael Fallon has said.
The Government had set aside more than £1.9 billion to tackle cyber threats, of which some £50 million went to the NHS, after an official security review highlighted hacks as a major threat, he said.
Sir Michael told the BBC’s Andrew Marr Show: ‘We never comment on the different systems, obviously for reasons of security, that our submarines use but our Vanguard submarines I can absolutely assure you, are safe and operate in isolation when they are out on patrol, and I have complete confidence in our nuclear deterrent.’
Pressed further, he said: ‘I can assure you that the nuclear deterrent is fully protected.’
Sir Michael said the NHS had been warned over cyber threats in the months before Friday’s attack but every effort is going into protecting the NHS.
He added: ‘Let me just assure you we are spending money on strengthening the cyber defence of our hospital system.’
Speaking to ITV’s Peston on Sunday, Europol director Rob Wainwright said the attack was indiscriminate across the private and public sectors.
He said: ‘At the moment we are in the face of an escalating threat, the numbers are going up, I am worried about how the numbers will continue to grow when people go to work and turn their machines on Monday morning.
‘The latest count is over 200,000 victims in at least 150 countries. Many of those will be businesses including large corporations.’
The Government had set aside more than £1.9 billion to tackle cyber threats, of which some £50 million went to the NHS, after an official security review highlighted hacks as a major threat, he said.
Sir Michael told the BBC’s Andrew Marr Show: ‘We never comment on the different systems, obviously for reasons of security, that our submarines use but our Vanguard submarines I can absolutely assure you, are safe and operate in isolation when they are out on patrol, and I have complete confidence in our nuclear deterrent.’
Pressed further, he said: ‘I can assure you that the nuclear deterrent is fully protected.’
Sir Michael said the NHS had been warned over cyber threats in the months before Friday’s attack but every effort is going into protecting the NHS.
He added: ‘Let me just assure you we are spending money on strengthening the cyber defence of our hospital system.’
Speaking to ITV’s Peston on Sunday, Europol director Rob Wainwright said the attack was indiscriminate across the private and public sectors.
He said: ‘At the moment we are in the face of an escalating threat, the numbers are going up, I am worried about how the numbers will continue to grow when people go to work and turn their machines on Monday morning.
‘The latest count is over 200,000 victims in at least 150 countries. Many of those will be businesses including large corporations.’
Data released under the Freedom of Information Act in December suggested 90 per cent of NHS trusts are using Windows XP.
There have been calls for an inquiry into the circumstances surrounding Friday’s major incident, with the Government and NHS chiefs facing questions over their preparedness and the robustness of vital systems.
Mr Wainwright explained: ‘We have been concerned for some time. The healthcare centres in many countries are particularly vulnerable. They are processing a lot of sensitive data.’
A British cyber whiz was hailed an ‘accidental hero’ after he registered a domain name that unexpectedly stopped the spread of the virus, which exploits a vulnerability in Microsoft Windows software.
The anonymous specialist, known only as MalwareTech, prevented more than 100,000 computers across the globe from being infected.
On Sunday MalwareTech issued a warning that hackers could upgrade the virus to remove the kill switch.
‘Version 1 of WannaCrypt was stoppable but version 2.0 will likely remove the flaw. You’re only safe if you patch ASAP,’ he wrote on Twitter.
The UK blogger who discovered the ‘kill switch’ and lives at home in the south of England with his mother and father – spotted a loophole in the code that meant he could block the virus.
He says he inadvertently halted the ransomware just hours after hearing news of a cyber attack on the NHS while out for lunch with a friend while on a week off from his job at an information security company.
But speaking exclusively to MailOnline, the computer expert revealed that cyber attackers are working to bring down the ’emergency stop’ which is halting the virus from spreading in a bid to infect millions more across the globe.
He said: ‘We’ve actually been getting attacks today – we don’t think it’s the actual group who were spreading the malware but another group is trying to attack us so the infections resume.
The cyber expert, who goes by the username MalwareTechBlog online, continued: ‘Obviously they haven’t actually been successful, but had they been that would actually be quite a serious thing and it wouldn’t really be something to laugh about.’
The security worker spent £8 registering the domain name the virus tries to connect with when it infects a new computer and pointed it at a ‘sinkhole server’ in Los Angeles.
It caused the malicious software to enact an ’emergency stop’, immediately halting its spread – but at first the cyber expert feared he had actually made the virus epidemic worse.
Gang behind ‘unprecedented’ attack using ‘atom bomb of malware’ which has now spread to 130,000 systems in more than 100 countries are targeted by global task force
More than 100 countries across the world have been affected by the ‘unprecedented’ cyber attack using a computer virus ‘superweapon’ dubbed the ‘atom bomb of malware’.
It is believed more than 130,000 IT systems are affected around the world, including hospitals in the UK, telecoms and gas firms in Spain, schools in China, railways in Germany and the FedEx delivery company.
The European Union’s police agency, Europol, says it is working with countries hit by the ransomware scam to rein in the threat, help victims and track down the criminals.