This article is from the source 'guardian' and was first published or seen on . It last changed over 40 days ago and won't be checked again for changes.
You can find the current article at its original source at https://www.theguardian.com/society/live/2017/may/12/england-hospitals-cyber-attack-nhs-live-updates
The article has changed 42 times. There is an RSS feed of changes available.
Previous version
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
Next version
| Version 18 | Version 19 |
|---|---|
| Ransomware attack hits 99 countries with UK hospitals among targets – live updates | |
| (about 1 hour later) | |
| 6.44am BST | |
| 06:44 | |
| Here is a fuller read on the plight of the NHS as we enter day two of the crisis for the organisation, which appears by far the biggest victim of the cyber-attack. | |
| Patients at hospitals and GP surgeries in England and Scotland will face a weekend of disruption, as delays that began on Friday spill over into the weekend. | |
| The shadow health secretary Jonathan Ashworth urged the government to be “clear about what’s happened”, describing the attack as “terrible news and a real worry for patients”. | |
| 5.52am BST | 5.52am BST |
| 05:52 | 05:52 |
| The notoriously difficult process of tracking down the source of the attack begins. | The notoriously difficult process of tracking down the source of the attack begins. |
| Ciaran Martin, the head of the UK’s cyber security agency, told the BBC on Friday night: “It’s important to understand that cyber attacks can be different from other forms of crime in that their sometimes highly technical and anonymous nature means it can take some time to understand how it worked, who was behind it and what the impact is.” | Ciaran Martin, the head of the UK’s cyber security agency, told the BBC on Friday night: “It’s important to understand that cyber attacks can be different from other forms of crime in that their sometimes highly technical and anonymous nature means it can take some time to understand how it worked, who was behind it and what the impact is.” |
| IP addresses from our sinkhole have been sent to FBI and ShadowServer so affected organisations should get a notification soon. patch ASAP. | IP addresses from our sinkhole have been sent to FBI and ShadowServer so affected organisations should get a notification soon. patch ASAP. |
| 5.48am BST | 5.48am BST |
| 05:48 | 05:48 |
| The malware researcher who helped curtail the spread of the attack has pointed out that escaping this attack does not necessarily safeguard against further, similar attacks. | The malware researcher who helped curtail the spread of the attack has pointed out that escaping this attack does not necessarily safeguard against further, similar attacks. |
| So long as the domain isn't revoked, this particular strain will no longer cause harm, but patch your systems ASAP as they will try again. | So long as the domain isn't revoked, this particular strain will no longer cause harm, but patch your systems ASAP as they will try again. |
| 5.24am BST | 5.24am BST |
| 05:24 | 05:24 |
| Taiwan’s department of cyber security has said the island’s government agencies and hospital systems appear to be so far unaffected by the attack. Taiwan was prominent on the list of places affected by the WanaCrypt0r 2.0 bug. | Taiwan’s department of cyber security has said the island’s government agencies and hospital systems appear to be so far unaffected by the attack. Taiwan was prominent on the list of places affected by the WanaCrypt0r 2.0 bug. |
| However, Howard Jyan, the director general of the government department said there had been no disruption and that Taiwan was ready for any future attacks, adding “We can control the situation.” | However, Howard Jyan, the director general of the government department said there had been no disruption and that Taiwan was ready for any future attacks, adding “We can control the situation.” |
| Meanwhile, Ross Feingold, a Taiwan-based political analyst who advises on Taiwan and Hong Kong political affairs, said: “As the attack commenced on Friday night Taiwan time, many organisations, whether government or private sector, will only know the true impact on Monday morning when personnel return to work, turn on their computers, and possibly click on malware and/or otherwise discover that the organisation is the victim of ransomware.” | Meanwhile, Ross Feingold, a Taiwan-based political analyst who advises on Taiwan and Hong Kong political affairs, said: “As the attack commenced on Friday night Taiwan time, many organisations, whether government or private sector, will only know the true impact on Monday morning when personnel return to work, turn on their computers, and possibly click on malware and/or otherwise discover that the organisation is the victim of ransomware.” |
| “However, it once again demonstrates that Taiwan’s cyber security, as in other areas of its defences, requires ongoing investment in software, hardware, and personnel training so that they can identify suspicious emails in both Chinese and English.” | “However, it once again demonstrates that Taiwan’s cyber security, as in other areas of its defences, requires ongoing investment in software, hardware, and personnel training so that they can identify suspicious emails in both Chinese and English.” |
| Updated | Updated |
| at 5.27am BST | at 5.27am BST |
| 4.46am BST | 4.46am BST |
| 04:46 | 04:46 |
| This malware tracker from MalwareTech gives a map view of where the ransomware struck across the globe. The timeline underneath shows just how quickly it spread, and the sharp dip coincides presumably with the moment the “accidental hero” registered the domain name that halted the attack for the most part. | This malware tracker from MalwareTech gives a map view of where the ransomware struck across the globe. The timeline underneath shows just how quickly it spread, and the sharp dip coincides presumably with the moment the “accidental hero” registered the domain name that halted the attack for the most part. |
| 4.34am BST | 4.34am BST |
| 04:34 | 04:34 |
| The Register reports that payments appear to have been made to Bitcoin addresses given as part of the attack on the UK’s National Health Service. This attack asks for $300 in Bitcoin payments to release files encrypted on the infected device. Affected users face the prospect of paying up – with no guarantee a cyber-criminal will indeed unlock his files – or trying to resort to back-up files. | The Register reports that payments appear to have been made to Bitcoin addresses given as part of the attack on the UK’s National Health Service. This attack asks for $300 in Bitcoin payments to release files encrypted on the infected device. Affected users face the prospect of paying up – with no guarantee a cyber-criminal will indeed unlock his files – or trying to resort to back-up files. |
| 4.01am BST | 4.01am BST |
| 04:01 | 04:01 |
| The blame game for what has been described by Rohyt Belani, the chief executive of email security company PhishMe, as the “atom bomb of ransomware”, has a long way to run. | The blame game for what has been described by Rohyt Belani, the chief executive of email security company PhishMe, as the “atom bomb of ransomware”, has a long way to run. |
| The New York Times here considers whether it should be the hackers (who found and used the tool) the NSA (which appears to have had some role in exploiting a vulnerability it discovered) or the victims (organisations and people who, for a variety of reasons, did not keep their system sufficiently secure). | The New York Times here considers whether it should be the hackers (who found and used the tool) the NSA (which appears to have had some role in exploiting a vulnerability it discovered) or the victims (organisations and people who, for a variety of reasons, did not keep their system sufficiently secure). |
| 3.42am BST | 3.42am BST |
| 03:42 | 03:42 |
| A handy guide here by Alex Hern and Samuel Gibbs on the tech aspect of this event. It gives an idea of how quickly this kind of attack can spread, and how vulnerable major institutions around the world can be if their security upgrades are outpaced by hackers. | A handy guide here by Alex Hern and Samuel Gibbs on the tech aspect of this event. It gives an idea of how quickly this kind of attack can spread, and how vulnerable major institutions around the world can be if their security upgrades are outpaced by hackers. |
| 3.32am BST | 3.32am BST |
| 03:32 | 03:32 |
| The human cost of what is a random attack, spread via email, is still emerging. In the UK, thousands of patients faced disruption as x-rays, test results and patient records became unavailable and operations were cancelled. | The human cost of what is a random attack, spread via email, is still emerging. In the UK, thousands of patients faced disruption as x-rays, test results and patient records became unavailable and operations were cancelled. |
| Royal London hospital had to delay the release of newborns to go home, according to one father, whose child did not have any wrist tags. Warren Jones said: “It is normal to have two baby tags – we have got no tags. They can’t print them out, I’m guessing. It is a bit disappointing, really. I don’t know how easy it is but they have taken over a whole system and shut it down.” | Royal London hospital had to delay the release of newborns to go home, according to one father, whose child did not have any wrist tags. Warren Jones said: “It is normal to have two baby tags – we have got no tags. They can’t print them out, I’m guessing. It is a bit disappointing, really. I don’t know how easy it is but they have taken over a whole system and shut it down.” |
| Patient transfers were also hit. One woman said her daughter, who is in a wheelchair, could no longer be moved to another hospital. “I went to the nurses: ‘Oh, I need to know, is it tonight?’ and they went: ‘Did you not hear about the cyber-attack? Everything is on hold.’” | Patient transfers were also hit. One woman said her daughter, who is in a wheelchair, could no longer be moved to another hospital. “I went to the nurses: ‘Oh, I need to know, is it tonight?’ and they went: ‘Did you not hear about the cyber-attack? Everything is on hold.’” |
| You can read more here: | You can read more here: |
| 3.21am BST | 3.21am BST |
| 03:21 | 03:21 |
| NHS Digital, the information arm of the UK’s health service, has said “we do not have any evidence” that patient data has been accessed as a result of the attack. It has yet to address the issue of whether the organisation’s IT network had an outdated security set-up. | NHS Digital, the information arm of the UK’s health service, has said “we do not have any evidence” that patient data has been accessed as a result of the attack. It has yet to address the issue of whether the organisation’s IT network had an outdated security set-up. |
| 3.04am BST | 3.04am BST |
| 03:04 | 03:04 |
| I will confess that I was unaware registering the domain would stop the malware until after i registered it, so initially it was accidental. | I will confess that I was unaware registering the domain would stop the malware until after i registered it, so initially it was accidental. |
| 2.53am BST | 2.53am BST |
| 02:53 | 02:53 |
| Here is the full read on the cybersecurity researcher who appears to have played a huge role in tackling the spread of the malware, by taking control of the domain name to which the code is linked. | Here is the full read on the cybersecurity researcher who appears to have played a huge role in tackling the spread of the malware, by taking control of the domain name to which the code is linked. |
| 2.35am BST | 2.35am BST |
| 02:35 | 02:35 |
| Officials in Australia are working to ascertain whether the attack has affected organisations there. The prime minister, Malcolm Turnbull, said via a spokesman: “We are continuing to monitor the situation closely and stand ready to deal with any cyber-security threat to Australia’s critical infrastructure.” | Officials in Australia are working to ascertain whether the attack has affected organisations there. The prime minister, Malcolm Turnbull, said via a spokesman: “We are continuing to monitor the situation closely and stand ready to deal with any cyber-security threat to Australia’s critical infrastructure.” |
| There are no confirmed reports Australian organisations have been hit. | There are no confirmed reports Australian organisations have been hit. |
| 2.23am BST | 2.23am BST |
| 02:23 | 02:23 |
| Thank you, Sam. Friday’s ransomware attack has seen Taiwan become one of its main victims and we’re working to find out more details about how organisations there have been affected. The island is one of the most hacked places in the world, with its geopolitical situation. Dozens of its schools have been targeted with ransomware this year. Of course, this latest cyber-attack is more random in nature. | Thank you, Sam. Friday’s ransomware attack has seen Taiwan become one of its main victims and we’re working to find out more details about how organisations there have been affected. The island is one of the most hacked places in the world, with its geopolitical situation. Dozens of its schools have been targeted with ransomware this year. Of course, this latest cyber-attack is more random in nature. |
| 2.07am BST | 2.07am BST |
| 02:07 | 02:07 |
| What we know so far | What we know so far |
| Here’s what we know so far about the massive ransomware cyber-attack that has affected countries across the globe: | Here’s what we know so far about the massive ransomware cyber-attack that has affected countries across the globe: |
| There have been reports of tens of thousands of attacks in 99 countries, including the UK, Russia, Ukraine, India, China, Italy and Egypt. | There have been reports of tens of thousands of attacks in 99 countries, including the UK, Russia, Ukraine, India, China, Italy and Egypt. |
| The NHS was hit as part of the attack, and staff across at least 16 trusts in the UK were affected – locked out of computers and forced to divert emergency patients. | The NHS was hit as part of the attack, and staff across at least 16 trusts in the UK were affected – locked out of computers and forced to divert emergency patients. |
| Thousands of patients across England and Scotland were stuck in limbo, with many having operations cancelled at the last minute. | Thousands of patients across England and Scotland were stuck in limbo, with many having operations cancelled at the last minute. |
| By late Friday evening, the ransomware had spread to the United States and South America, though Europe and Russia were most hard hit. | By late Friday evening, the ransomware had spread to the United States and South America, though Europe and Russia were most hard hit. |
| A group called Shadow Brokers made the malware dump available online earlier this month, claiming to have stolen a cache of “cyber weapons” from the National Security Agency (NSA). | A group called Shadow Brokers made the malware dump available online earlier this month, claiming to have stolen a cache of “cyber weapons” from the National Security Agency (NSA). |
| The malicious software is known as WanaCrypt0r 2.0 and was asking for a $300 (£233) ransom per machine to be paid in cryptocurrency Bitcoin to unlock computers. | The malicious software is known as WanaCrypt0r 2.0 and was asking for a $300 (£233) ransom per machine to be paid in cryptocurrency Bitcoin to unlock computers. |
| In Spain, megaphone announcements told employees at telecom giant Telefónica to shut down their workstations immediately while the attack spread. | In Spain, megaphone announcements told employees at telecom giant Telefónica to shut down their workstations immediately while the attack spread. |
| Scotland reported that 11 health boards and its ambulance service attacked. | Scotland reported that 11 health boards and its ambulance service attacked. |
| Whistleblower Edward Snowden blamed the NSA, saying: “If @NSAGov had privately disclosed the flaw used to attack hospitals when they *found* it, not when they lost it, this may not have happened.” | Whistleblower Edward Snowden blamed the NSA, saying: “If @NSAGov had privately disclosed the flaw used to attack hospitals when they *found* it, not when they lost it, this may not have happened.” |
| FedEx also announced it was impacted and said it was “implementing remediation steps as quickly as possible”. | FedEx also announced it was impacted and said it was “implementing remediation steps as quickly as possible”. |
| The Guardian’s Graham Russell will now be taking over the blog. | The Guardian’s Graham Russell will now be taking over the blog. |