On Friday, cyber attacks hit 74 countries across Europe and Asia, impacting the public health system in Britain. Reports say that this attack stemmed from a hacking tool that was leaked from the National Security Agency.
The attack used ransomware, which is malware that encrypts data and locks a user from their data until they pay a ransom. The tool, which was leaked by a group known as Shadow Brokers, had been stolen from the N.S.A. as part of a broad range of tools illegally released in 2016.
The malware was sent as an email attachment. From there, it eventually spread.
Tom Donnelly, a spokesman for N.H.S. Digital, said the attack was still “ongoing” and that the organization was “made aware of it this afternoon,” according to an interview in The New York Times.
As a result of the attacks, phone lines went down, appointments to be canceled and patients to be turned away, but there has been no reported evidence of patient data being breached.
There were a number of pictures posted to social media highlighting the ransomware, which asked for $300 in Bitcoin.
NHS Digital, which heads cybersecurity in Britain, said the attack did not specifically target the NHS and “is affecting organizations from across a range of sectors.” In total, 16 NHS organizations said they were affected.
British Prime Minister Theresa May addressed the hacks, saying it’s not just targeted at the NHS.
“This is not targeted at the NHS, it’s an international attack and a number of countries and organisations have been affected,” May said in a statement. “The National Cyber Security Centre is working closely with NHS digital to ensure that they support the organisations concerned and that they protect patient safety.”
May added that though she was not aware of any leaked data, vigilance must be taken.
“Of course, it is important that we have set up the National Cyber Security Centre and they are able to work with the NHS organisations concerned and to ensure that they are supported and patient safety is protected,” May said.
In addition, several Spanish companies had also been affected by a ransomware attack. Spain did not say which companies were affected, but Telefonica, a telecom giant said it had detected an incident which affected some of its employees.
Hospital operator NHS Merseyside tweeted “following a suspected national cyber attack, we are taking all precautionary measures possible to protect our local NHS systems and services.”
Bart’s Health, which also operates a number of London-based hospitals, activated its major incident plan, which included canceling routine appointments and diverting ambulances to different hospitals.