A massive cyberattack that has hit hospitals in Britain and businesses in Spain appears to be spreading to other organizations around the world.
A large number of hospitals across Britain were hit by a cyberattack Friday, shutting down their computer systems and forcing the cancelation of patient appointments.
According to Britain’s National Health Service (NHS), hospital computers were infected with a type of “ransomware” that blocks the use of a computer system until victims agree to pay the attacker a ransom to free it up.
Similar incidents now have been reported in the United States, China, Russia, Portugal, Italy and several other countries.
Costin Raiu, the director of Global Research and Analysis for Russian anti-virus software-maker Kaspersky Labs, said he had recorded more than 45,000 attacks in 74 different countries using the ransomware.
Another malware researcher, Jakub Kroustek of Avast Software, said his company had detected 57,000 attacks using the ransomware.
“This attack once again proves that ransomware is a powerful weapon that can be used against consumers and businesses alike,” Kroustek wrote in a blog post on the Avast website. “Ransomware becomes particularly nasty when it infects institutions like hospitals, where it can put people’s lives in danger.”
Photos posted on social media show infected computers with some variation of the message “Ooops, your files have been encrypted,” and a demand for $300 worth of Bitcoin, an anonymous online currency.
At least 16 NHS organizations reported being affected by the ransomware attack.
While the affected hospitals were forced to turn away patients and divert ambulances to other facilities, the NHS said the attackers hadn’t breached any patient data.
“NHS Digital is working closely with the National Cyber Security Center, the Department of Health and NHS England to support affected organizations and to recommend appropriate mitigations,” the health agency said in a statement.
The NHS said it was not attacked specifically, and the attack is “affecting organizations from across a range of sectors.”
Around the same time Friday, the Spanish energy ministry reported various cyberattacks aimed at Spanish companies, including telecom giant Telefonica, using ransomware software.
Telefonica said in a statement it was aware of the “cybersecurity incident” but that none of its clients or services had been affected.
Portugal Telecom also was hit by a cyberattack, but no services were affected, a spokeswoman for the company said.