Science

A Cyberattack is Happening in 70 Countries Right Now

The attackers made use of an NSA tool that leaked last year.

by Cory Scarola
Getty Images / Dan Kitwood

A massive cyberattack is underway in Europe and Asia, made possible through the use of a recently leaked tool that belonged to the National Security Agency.

The attacks are spread across about 70 countries in Europe and Asia, including the UK, Russia, Spain, Turkey, and Vietnam, and are reportedly still ongoing. The targets appear, at this time, to be medical and telecommunication networks, with the National Health Service in the UK taking the hardest — and potentially most life-threatening — hit.

In a statement issued Friday, the NHS said that it was hit by a ransomware software called Wanna Decryptor but noted that the NHS alone did not appear to be the main target of the attacks. The statement went on to say that, “16 NHS organisations had reported that they were affected by this issue.”

Ransomware is a form of malware that essentially hijacks a computer or system and then demands some form of compensation, usually monetary, in order to see it unlocked and returned again. For the NHS, specifically, this meant doctors were locked out of the system, and reportedly could not access important medical information, like patient files.

The attackers, whose identity and organizational affiliations, if any, are not yet known, used a software exploit that was developed by the American NSA before being leaked in a data dump by a group calling themselves the Shadow Brokers. The name is an apparent reference to the video game series Mass Effect, wherein the Shadow Broker is a mysterious individual who trades in compromising information.

It is not known whether the Shadow Brokers themselves are responsible for the attacks. Although The New York Times reports that they have been “dumping stolen NSA hacking tools online beginning last year.”

In March of 2016, Microsoft — the company whose software was targeted by the vulnerability — reportedly released a fix for it after the NSA information was leaked. The affected institutions and service, however, had yet to update their own software.

For services as crucial as the NHS to neglect, for over a year, defending their software from a known vulnerability is sure to be a cause of controversy once the dust settles. It highlights how far many countries and organizations have yet to come in terms of defending themselves against cyber threats. Also likely to face renewed scrutiny is the NSA, for creating the exploit in the first place.

Related Tags