The Barts Health Group, which helps manage some of the largest hospitals in London, said, "We are experiencing a major IT disruption and there are delays at all of our hospitals."
Patients had to be turned away from surgeries and appointments at medical facilities throughout England, and ambulances had to be rerouted to other hospitals as well.
Telefonica, one of the largest telecommunications companies in Spain, was one target, though their services and clients were not affected, as the malicious software only impacted certain computers on an internal network.
The malware used in the cyberattack has been identified as “Wanna Decryptor” or “Wanna Cry.” This “ransomware” is designed to lock up machines, not returning access until a ransom is paid.
A spokesman for Telefonica said that infected machines showed a window saying they could not regain access to files until the hackers were paid using the cryptocurrency Bitcoin.
The window gave a set of a set of instructions explaining what was happening and supplied an email address where users could send the ransom money.
Avast wrote on its website, "This attack once again proves that ransomware is a powerful weapon that can be used against consumers and businesses alike. Ransomware becomes particularly nasty when it infects institutions like hospitals, where it can put people’s lives in danger."
As of Friday afternoon the company has recorded 50,000 attacks worldwide.
The attack is spreading globally, with new incidents reported in East and Southeast Asia. The Russian Ministry of the Interior also reported being hit by a virus that attacked personal computers running Microsoft Windows, according to spokesperson Irina Volk. She said that all the infected machines, 1,000 in total, were blocked and that they make up less than 1 percent of the computers in the ministry. The Russian Ministry of Emergencies also reported an attempted attack, but said in a statement that it was quickly blocked.
Czech security company Avast has been following the attack and believes it could be linked to leaked US National Security Agency hacking tools made available by the Shadow Brokers, a group of hackers that first cropped up last summer.
Chris Wysopal, chief technology officer with the Veracode cyber security firm, said, "Seeing a large telco like Telefonica get hit is going to get everybody worried. Now ransomware is affecting larger companies with more sophisticated security operations."
Chris Camacho from the Flashpoint cyber intelligence firm fears that this incident will encourage other hackers to seek out larger targets, remarking, "Now that the cyber criminals know they can hit the big guys, they will start to target big corporations. And some of them may not be well prepared for such attacks."
The government of Scotland announced that it would be holding an emergency response meeting to address the issue.
