Manhunt for hackers behind global cyber attack

Businesses around the world scrambled on Saturday to prepare for a renewed cyberattack, convinced that a lull in a computer offensive that has stopped auto factories, hospitals, schools and other organizations in around 100 countries was only temporary.

The attacks used ransomware that apparently exploited a security flaw in Microsoft operating systems, locking users' files unless they pay the attackers a designated sum in the virtual currency Bitcoin.

"It's paused but it's going to happen again".

"I think it is concerning that we could definitely see a similar attack occur, maybe in the next 24 to 48 hours or maybe in the next week or two", Huss said.

They said an emergency security update had been issued by Microsoft and was being deployed.

"I believe many companies have not yet noticed", said William Saito, a cybersecurity adviser to Japan's government.

Dr. Chinthapalli, a neurology specialist at the National Hospital for Neurology and Neurosurgery in London, in an article on the vulnerability of the NHS network in the "British Medical Journal" on Wednesday, wrote about an incident at Papworth Hospital near Cambridge where a nurse clicked on a malicious link and malware infected her computer and started to encrypt sensitive files.

A hacking group called Shadow Brokers released the malware in April claiming to have discovered the flaw from the NSA, Kaspersky said. The tools appeared stolen by hackers, who dumped them on the internet. The agency has not responded to requests for comment.

"We need to get to the bottom of why the Government thought cyber attacks were not a risk, when a combination of warnings and plain common sense should have told ministers that there is a growing and unsafe threat to our cyber security", he said.

Governments and private security firms on Saturday that they expect hackers to tweak the malicious code used in Friday's attack, restoring the ability to self-replicate.

"It's all hands on deck", said Shane Shook, an independent security consultant whose customers include large corporations and governments.

On Saturday Home Secretary Amber Rudd urged NHS trusts to upgrade their computer systems after it was reported that 90% of NHS hospitals are still using Windows XP.

European countries, including Russian Federation, were among the worst hit.

"We expect this number to increase significantly over the course of the weekend", said Tom Robinson, lead investigator at Elliptic.

Symantec researcher Vikram Thakur said that total fix costs are likely to be in the tens of millions of dollars.

Nissan UK confirmed it was affected, but said there had been "no major impact".

He said the situation at the plant, which employs 7,000, continued to be monitored. "Ambulances are being diverted to neighboring hospitals".

German rail operator Deutsche Bahn said some electronic signs at stations announcing arrivals and departures were infected.

In Asia, some hospitals, schools, universities and other institutions were affected.

In the United States, package delivery group FedEx said it was "implementing remediation steps as quickly as possible", while French carmaker Renault was forced to stop production at sites in France, Slovenia and Romania. Portugal Telecom and Telefonica Argentina both said they were also targeted.

Europol said a special task force at its European Cybercrime Centre was "specially created to assist in such investigations and will play an important role in supporting the investigation".

Europol, the European Union's police agency, said "a complex global investigation" would be required to identify the culprits.

In a post on its website, Britain's National Cyber Security Center said that by registering a domain name that unexpectedly stopped the spread of the malware, the anonymous Britain-based cyber specialist, known as Malware Tech, had prevented further infections and "already resulted in preventing over 100,000 potential infections".

Latest News