Global Ransomware Attack Wreaks Havoc On 150 Countries

The head of Europol calls the cyber attack that began Friday "unprecedented in its scale." The malware infects Microsoft operating systems, locks up files and then demands users pay to regain access.

DAVID GREENE, HOST:

And another story we are following this morning is that global cyberattack that began Friday. It is apparently not done. People in China have been turning on their computers this morning and realizing that they have been targeted. This is ransomware, and it's been infecting Microsoft operating systems, locking up files and demanding users pay to regain access. NPR's Frank Langfitt is in London.

Good morning, Frank.

FRANK LANGFITT, BYLINE: Hey, good morning, David.

GREENE: So I know the health care system, as you know, in the U.K. was an early target here, but we're looking at 150 or so countries now affected. What is the latest this morning?

LANGFITT: Well, China's been hit hard this morning. State media's saying more than 29,000 institutions were attacked, including universities. One possibility is these schools have old computers and they were slow to update their operating systems. But it wasn't just schools, we saw railway stations, gas stations, hospitals and shopping malls and also hundreds of thousands of devices. So the problem that began on Friday has rolled over to Asia on Monday morning.

GREENE: OK, so there are a lot of countries here, in theory, a lot of governments that are trying to figure out who's behind it. Are we getting any closer to finding out who's behind this?

LANGFITT: No, David, this is - these things are apparently very hard to track, but there's sort of some broader finger-pointing that's going on, which is raising some really interesting public policy and commercial questions. You know, the malware that's widely believed to have been responsible - the malware that's believed to have been responsible for this, actually, people think it was created by the National Security Agency and it was to exploit a Windows vulnerability. Then it was stolen and ended up online.

So over the weekend, Microsoft basically seemed to blame the U.S. government for not warning the company earlier about this problem and called it the cyber equivalent of having a Tomahawk missile - Tomahawk missile...

GREENE: Oh, wow.

LANGFITT: ...Stolen. Yeah. And - but Microsoft, people say, has responsibility itself and that the company actually knew about this ransomware problem back in March but didn't roll out a patch for the old Windows systems until last weekend. I was talking to a guy here in the U.K. His name's Lawrence Jones. He's the CEO of UKFast. They do cybersecurity services here. And here's - here was his take on it.

LAWRENCE JONES: Whilst the NSA may be responsible, who knows? Microsoft are also responsible. Microsoft were able to update this patch to protect the entire world in a matter of hours, and they could have done this a lot earlier, but they chose not to.

GREENE: OK, so a lot of finger-pointing, Frank, talk of a patch that might have helped. But let's look at the future now. Is there something that could actually stop this thing from spreading more?

LANGFITT: Well, one thing is there was a 22-year-old security expert here who did slow it down over the weekend, but there's signs that there's a new version which doesn't have a kill switch, which people were able to use to kind of slow it down. There's a new version out, and people are concerned that it's a bit of a cyber arms race right now, so not quite over.

GREENE: OK, not quite over. As we said, that global cyberattack hitting China this morning, and we'll see if it gets worse from here. NPR's Frank Langfitt is following it from London. Thanks, Frank.

LANGFITT: Happy to do it, David.

Copyright © 2017 NPR. All rights reserved. Visit our website terms of use and permissions pages at www.npr.org for further information.

NPR transcripts are created on a rush deadline by Verb8tm, Inc., an NPR contractor, and produced using a proprietary transcription process developed with NPR. This text may not be in its final form and may be updated or revised in the future. Accuracy and availability may vary. The authoritative record of NPR’s programming is the audio record.