Accessibility links

'Ransomware' Affects Computers Worldwide


Patients wait near a queue number dispenser affected by "WannaCry" attack at Dharmais Cancer Hospital in Jakarta, Indonesia, May 15, 2017. (AP Photo/Dita Alangkara)

Security experts are studying a computer software virus that has affected computers in at least 150 countries.

The cyber-attack, first reported last Friday, hit companies, government agencies and hospitals across the world.

Attackers used malware, which infects computers and takes control of user data. The infection encrypts the records and blocks use of computer files. The virus can spread quickly to other electronic devices linked to the infected computer.

The cyber-attack was described by experts as ransomware. They chose this term because the computer is held “hostage” until the hackers receive a “ransom” payment.

Officials said affected computers received a message demanding payment of $300 to unlock data. Victims were told the ransom would rise to $600 within three days. Security experts said paying the money did not guarantee a fix for infected computers.

The malware used in the attack was said to be similar to a program stolen from the U.S. National Security Agency (NSA). It was identified in NSA documents published online without the agency’s knowledge. The NSA does not publicly discuss its activities. But the agency reportedly developed the malware to be used for surveillance.

The malware only affected Windows operating systems. In March, Microsoft released a software update to protect the Windows operating system. But experts said many organizations did not apply the fix or were using older software programs.

People are reflected in a glass sign of a Telefonica building in Madrid, Spain, May 13, 2017. The Spanish government said several companies including Telefonica had been targeted in ransomware cyberattack.
People are reflected in a glass sign of a Telefonica building in Madrid, Spain, May 13, 2017. The Spanish government said several companies including Telefonica had been targeted in ransomware cyberattack.

The attack locked up computers at factories, banks, government agencies and affected transport and communications systems. Europe's police agency Europol said the attack had affected more than 100,000 organizations.

Among the victims were the National Health Service (NHS) in Britain and Russia’s Interior Ministry and national railway service. Also hit were Spanish telecommunications company Telefonica, French carmaker Renault and American shipper FedEx.

NHS officials said the attack affected about one-fifth of regional groups that operate British hospitals and centers. This led to thousands of canceled appointments and operations.

A patient takes a nap on her wheelchair as she waits with others at the registration desk at Dharmais Cancer Hospital in Jakarta, Indonesia, Monday, May 15, 2017 as the hospital's information system is in trouble by cyberattack.
A patient takes a nap on her wheelchair as she waits with others at the registration desk at Dharmais Cancer Hospital in Jakarta, Indonesia, Monday, May 15, 2017 as the hospital's information system is in trouble by cyberattack.

The British health care system was still having problems on Monday. But health minister Jeremy Hunt said no new attacks were reported. He added that “the level of criminal activity is at the lower end” of what was expected.

Thousands of infections were reported on Monday - mainly in Asia, where businesses were closed when the malware first hit.

A screenshot of the warning screen from a purported ransomware attack, as captured by a computer user in Taiwan, is seen on laptop in Beijing, May 13, 2017.
A screenshot of the warning screen from a purported ransomware attack, as captured by a computer user in Taiwan, is seen on laptop in Beijing, May 13, 2017.

Chinese media said the attack affected 29,372 organizations as well as hundreds of thousands of electronic devices. Universities and other schools were among the hardest hit. Hospitals, train stations, mail delivery and other government services were also reportedly affected.

In Japan, 2,000 computers were reportedly infected. Companies including Hitachi and Nissan Motor Co. experienced problems, but said operations were not seriously affected.

In Indonesia, the malware locked patient information at two Jakarta hospitals, causing delays.

In the United States, officials said they were working to identify those responsible for the attack.

Tom Bossert is a homeland security adviser to U.S. President Donald Trump. Speaking to American television, Bossert described the attack as an "extremely serious threat." But he added the situation had been brought “under control” for now.

I’m Bryan Lynn.

Bryan Lynn adapted this story for VOA Learning English. His report was based on information from VOANews.com, the Associated Press and Reuters. George Grow was the editor.

We want to hear from you. Write to us in the Comments section, and visit our Facebook page.

________________________________________________________________

Words in This Story

cyber adj. of or involving computers or computer systems

malware n. a computer software program that is designed to damage or disable computers and computer systems

encryptv. to electronically change (information) from one form to another, especially to hide its meaning

ransom n. money paid in order to free a person being held

surveillancen. the act of watching someone or something carefully, especially in connection with law enforcement

apply v. to use in a particular situation

online adj. of or related to a computer or telecommunications system, such as the Internet

unlockv. to open or undo; to free from restrictions

Your opinion

Show comments

XS
SM
MD
LG