File image
The cyber-attack that spread rapidly around the globe was stifled when a security researcher disabled a key mechanism used by the worm to spread, but experts said the hackers were likely to return.

Hackers can still gain easy access to personal computers that lack a security update issued in March by Microsoft to fix the vulnerability in its Windows operating system. The company, which had labelled the March patch as “critical,” said it was now providing a security update for all Windows customers.

The malware, using a technique purportedly stolen from the US National Security Agency, stopped care Friday at hospitals across the UK, affected Russia’s Ministry of Interior and infected company computer systems in countries from Eastern Europe to the US and Asia.

While most organisations won’t suffer as much as the UK health-care facilities, the incident renewed the debate about the risk of governments stockpiling flaws in commercial technology and using them for hacking attacks.

In the UK, 45 organisations in the National Health Service were affected, Home Secretary Amber Rudd said on Saturday, and hospitals in London, North West England and Central England urged people with non-emergency conditions to stay away as technicians tried to stop the spread of the malicious software.

“There will be lessons to learn from what appears to be the biggest criminal cyber-attack in history,” Rudd said in response to a letter from opposition Labour Party spokesperson Jonathan Ashworth. “Our immediate priority as a government is to disrupt the attack, restore affected services as soon as possible, and establish who was behind it.”

Extortionist

Last year an acute-care hospital in Hollywood paid $17000 (R226526) in bitcoin to an extortionist who hijacked its computer systems and forced doctors and staff to revert to pen and paper for record-keeping.

Hospitals are also fertile ground for identity thieves, because of their often-lax security policies.

Bloomberg Businessweek wrote in 2015 about a spate of malware infections at hospitals where radiological machines, blood-gas analysers and other devices were compromised and used to siphon off the personal data of patients.

Other victims were most likely small and medium-sized businesses.

The cyber-attack that spread rapidly around the globe was stifled when a security researcher disabled a key mechanism used by the worm to spread, but experts said the hackers were likely to return.

The cyber-attack that spread rapidly around the globe was stifled when a security researcher disabled a key mechanism used by the worm to spread, but experts said the hackers were likely to return.