A 'kill switch' is slowing the spread of WannaCry ransomware


(AP Photo/Matt Dunham). An exterior view shows the main entrance of St Bartholomew's Hospital, in London, one of the hospitals whose computer systems were affected by a cyberattack, Friday, May 12, 2017. Hospitals, with their often outdated IT systems and trove of confidential patient data, are a particularly tempting target.

Two security firms - Kaspersky Lab and Avast - said they had identified the malware behind the attack in upward of 70 countries, although both said the attack has hit Russian Federation hardest.

The National Cyber Security Centre, part of the GCHQ electronic intelligence agency, said it was working with police and the health system to investigate the attack.

What is the virus that puts computers into hostage?

The attack is believed to be the biggest of its kind ever recorded, disrupting services in nations as diverse as the U.S., Russia, Ukraine, Spain and India.

The EU law enforcement agency also says it will require a "complex global investigation to identify the culprits".

In the wake of the attack, Microsoft said it had taken the "highly unusual step" of releasing a patch for computers running older operating systems including Windows XP, Windows 8 and Windows Server 2003.

The ransomware attack exploited vulnerabilities in the Microsoft Windows Operating System, especially those not now supported such as Windows XP, Windows 8 and Windows Server 2003. As Microsoft's blog posts makes clear, vulnerable machines aren't only a danger to themselves, but to the entire world at large.

Tens of thousands of users from London to St. Petersburg logged on yesterday to find ominous threats to delete their suddenly encrypted computer files, unless they cough up $300 or more in Bitcoin payments to the unknown perpetrators, security experts and intelligence officials told ABC News Saturday.

NHS Digital, which oversees United Kingdom hospital cyber security, says the attack used the Wanna Decryptor variant of malware, which infects and locks computers while the attackers demand a ransom. UK's the National Health Service issued an alert on the attacks earlier today. Many canceled all routine procedures and asked patients not to come to the hospital unless it was an emergency. But the ministry's website still carried a banner on Saturday afternoon saying that technical work was continuing.

More news: Relatives of jailed Venezuelan dissident seek global action
More news: Arctic summit: Trump to make 'right decision for the US' on climate
More news: Israeli Cabinet Moves to Downgrade Status of Arabic Language

Friday's ransomware attack first spread through a massive email phishing campaign.

The release confirms that, as of 3.30pm today, 16 NHS organisations had been hit by a ransomware attack.

A young cybersecurity researcher has been credited with helping to halt the spread of the global ransomware cyberattack by accidentally activating a so-called "kill switch" in the malicious software.

The radio report says the Revoz factory in the southeastern town of Novo Mesto stopped working on Friday evening to stop the malware from spreading.

Krishna Chinthapalli, a doctor at Britain's National Hospital for Neurology & Neurosurgery who wrote a paper on cybersecurity for the British Medical Journal, warned that British hospitals' old operating systems and store of confidential patient information made them an ideal target for blackmailers.

Hacking group Shadow Brokers reportedly released the malmare last month, after claiming to have discovered the flaw from the US National Security Agency.

Microsoft issued a security update on March 14 about vulnerabilities in the Windows system.

China also was targeted by the unknown computer hackers, and the USA parcel delivery firm FedEx said its operations were hit.

Spanish communications giant Telefonica said that a cybersecurity incident had affected the PCs of some employees on the company's internal corporate network.

Germany's national railway said Saturday departure and arrival display screens at its train stations were affected, but there was no impact on actual train services.