United Kingdom restoring systems after cyberattack

An worldwide effort is under way to track down the criminals behind an unprecedented global cyber attack that wreaked havoc across the NHS.

On Saturday, cybersecurity officials in Britain have applauded a young researcher for helping halt the global ransomware cyberattack.

Had it not been for a young cybersecurity researcher's accidental discovery of a so-called "kill switch", the malicious software likely would have spread much farther and faster that it did on Friday.

MalwareTech now thinks the code was originally created to thwart researchers trying to investigate the ransomware, but it backfired by letting them remotely disable it.

He added: 'We have stopped this one, but there will be another one coming and it will not be stoppable by us. The security researcher has posted an online account of finding the kill switch, which was also posted to the United Kingdom government's National Cyber Security Centre website.

On Sunday he warned hackers could upgrade the virus to remove the "kill switch" that helped to stop it. "They are processing a lot of sensitive data".

The effects were felt across the globe, with Russia's Interior Ministry and companies including Spain's Telefonica, FedEx Corp.in the USA and French carmaker Renault all reporting disruptions.

Guillaume Poupard, head of France's national cybersecurity agency, said he is concerned infections could surge again Monday, when workers return to the office and turn on computers.

Researchers with Czech Republic-based security software maker Avast said they had observed more than 126,000 ransomware infections, with 60 per cent of infected computers located in Russian Federation, followed by Ukraine and Taiwan. The group claimed it was stolen from a repository of National Security Agency hacking tools.

Now that this "WannaCry" malware is out there, the world's computer systems are vulnerable to a degree they haven't been before, unless people everywhere move quickly to install Microsoft's security patches.

"That was an old system, we didn't want [NHS Trusts] to use that system, we wanted them to use modern systems that are better protected", Mr Fallon replied.

Attackers used encryption algorithms to lock files and demanded owners pay a ransom to access those files.

Victims were asked for payment of $300 (275 euros) in the virtual currency Bitcoin.

"If you have anything to patch, patch it", the researcher said in a blog post.

According to media reports, teams were working round the clock in response to the attack, which resulted in operations being cancelled, ambulances being diverted and documents such as patient records made unavailable in England and Scotland.

Since there no evidence that the patient data has been compromised by the attack, the organisation did not elaborate on the details.

They said that "while a number of systems have been targeted, it appears at this point that only one active incident has arisen in Ireland".

The former NHS Digital chairman Kingsley Manning told Radio 4 a cyber attack "was always going to happen". "Because they could have done something ages ago to get this problem fixed, and they didn't do it".

"We have not yet seen Friday's attack reoccur, there's been no new wave of attacks".

His procedure is being rescheduled within the next two weeks.

The attacks were discussed at a Cobra emergency ministerial meeting held on Saturday afternoon.

The ransomware infects victims by exploiting a Microsoft Windows vulnerability described and fixed in "Microsoft Security Bulletin MS17-010".

What can you do to protect yourself against ransomware? Here's how to turn automatic updates on. It said less than 1 percent of computers were affected, and that the virus was now "localized" and being destroyed. They say payment encourages criminal hackers, and there is no guarantee that after payment access to files will be restored.

Lord Paddick, Liberal Democrat home affairs spokesman and a former Metropolitan Police deputy assistant commissioner, said Ms Rudd was "more suited to the era of analogue".

No one has yet identified the culprit.

Dominic Vogel, chief security strategist with Cyber.SC says it's like good hygiene - keep your computer clean and safe.

"I don't think it's to do with that preparedness".