Close Menu
TechCentralTechCentral

    Subscribe to the newsletter

    Get the best South African technology news and analysis delivered to your e-mail inbox every morning.

    Facebook X (Twitter) YouTube LinkedIn
    WhatsApp Facebook X (Twitter) LinkedIn YouTube
    TechCentralTechCentral
    • News
      Stripe, Advent in talks to buy PayPal for $53-billion

      Stripe, Advent in talks to buy PayPal for $53-billion

      15 July 2026
      SpaceX is the Dutch East India Company of the space age

      SpaceX is the Dutch East India Company of the space age

      15 July 2026
      The internet has a Strait of Hormuz problem

      The internet has a Strait of Hormuz problem

      15 July 2026
      Cape Town's Cue raises R82-million to take AI service agents global

      Cape Town’s Cue raises R82-million to take AI service agents global

      15 July 2026
      How Amazon outmanoeuvred Starlink in South Africa

      How Amazon outmanoeuvred Starlink in South Africa

      15 July 2026
    • World
      Swingeing jobs cuts at Microsoft's Xbox unit

      Swingeing jobs cuts at Microsoft’s Xbox unit

      6 July 2026

      SK Hynix ends Samsung’s 26-year reign at the top

      22 June 2026
      Google on the hook for what its AI tells users, court rules

      Google on the hook for what its AI tells users, court rules

      15 June 2026
      How Russians juggle VPNs to outwit the Kremlin

      How Russians juggle VPNs to outwit the Kremlin

      15 June 2026
      Amazon CEO flagged Anthropic AI risks to Washington - Andy Jassy

      Amazon CEO flagged Anthropic AI risks to Washington

      14 June 2026
    • In-depth
      AI boom sparks rally, frenzy and fear

      AI boom sparks rally, frenzy and fear

      11 June 2026
      Every plug-in hybrid on sale in South Africa, ranked by price - Lamborghini Temerario

      Every plug-in hybrid on sale in South Africa, ranked by price

      7 June 2026
      What Wi-Fi 8 will mean for wireless networks

      What Wi-Fi 8 will mean for wireless networks

      1 June 2026
      Alfa's electric rebel - Alfa Romeo Junior Elettrica Veloce

      Alfa’s electric rebel

      29 April 2026
      Africa switches on as Europe dims the lights

      Africa switches on as Europe dims the lights

      9 April 2026
    • TCS
      Watts & Wheels S1E7: 'Ferrari's EV breaks the internet'

      Watts & Wheels S1E7: ‘Ferrari’s EV breaks the internet’

      8 July 2026
      TCS+ | How Tracker is turning vehicle data into business strategy - Silvia Schollenberger

      TCS+ | How Tracker is turning vehicle data into business strategy

      1 July 2026
      TCS+ | IBM Bob: an AI-powered 'development partner' for the enterprise - David Spurway

      TCS+ | IBM Bob: an AI-powered development partner for the enterprise

      30 June 2026
      Watts & Wheels S1E6: 'A flawless Alfa and a bakkie that divides'

      Watts & Wheels S1E6: ‘A flawless Alfa and a bakkie that divides’

      17 June 2026
      Watts & Wheels S1E6: 'A flawless Alfa and a bakkie that divides'

      Watts & Wheels S1E5: ‘A Bentley of the bush and a car that swims’

      8 June 2026
    • Opinion
      The author, Fanie van Rooyen

      South Africa can still catch the AI wave – here’s how

      7 July 2026
      The author, Fanie van Rooyen

      The AI utopia South Africa can’t afford

      1 July 2026
      The author, Jannie van Zyl

      South Africa’s broadband future is being decided in orbit, not in Pretoria

      30 June 2026
      The author, Pambos Soteriades

      The pivot South Africa’s MVNOs cannot afford to miss

      23 June 2026
      Brazil's online gambling crackdown is a lesson for South Africa

      Brazil’s online gambling crackdown is a lesson for South Africa

      22 June 2026
    • Company Hubs
      • 1Stream
      • Africa Data Centres
      • AfriGIS
      • Altron Digital Business
      • Altron Document Solutions
      • Altron Group
      • Arctic Wolf
      • Ascent Technology
      • AvertITD
      • BBD
      • Braintree
      • CallMiner
      • CambriLearn
      • CM Telecom
      • Contactable
      • CYBER1 Solutions
      • Digicloud Africa
      • Digimune
      • Domains.co.za
      • ESET
      • Euphoria Telecom
      • HOSTAFRICA
      • Incredible Business
      • iONLINE
      • IQbusiness
      • Iris Network Systems
      • Kaspersky
      • LSD Open
      • Mitel
      • NEC XON
      • Netstar
      • Network Platforms
      • Next DLP
      • Ovations
      • Paracon
      • Paratus
      • Q-KON
      • SevenC
      • SkyWire
      • Solid8 Technologies
      • Telit Cinterion
      • Telviva
      • Tenable
      • Vertiv
      • Videri Digital
      • Vodacom Business
      • Wipro
      • Workday
      • XLink
    • Sections
      • AI and machine learning
      • Banking
      • Broadcasting and Media
      • Cloud services
      • Contact centres and CX
      • Cryptocurrencies
      • Education and skills
      • Electronics and hardware
      • Energy and sustainability
      • Enterprise software
      • Financial services
      • HealthTech
      • Information security
      • Internet and connectivity
      • Internet of Things
      • Investment
      • IT services
      • Lifestyle
      • Policy and regulation
      • Public sector
      • Retail and e-commerce
      • Satellite communications
      • Science
      • SMEs and start-ups
      • Social media
      • Talent and leadership
      • Telecoms
      • Watts & Wheels
    • Events
    • Advertise
    TechCentralTechCentral
    Home » Top » Extortionists mount global cyberattack

    Extortionists mount global cyberattack

    By Agency Staff13 May 2017
    Twitter LinkedIn Facebook WhatsApp Email Telegram Copy Link
    News Alerts
    WhatsApp

    Extortionist hackers who may be using leaked computer exploits from the US National Security Agency have infiltrated computers in dozens of countries in a fast-spreading attack that forced British hospitals to turn away patients and breached systems at Spain’s Telefonica and organisations from Russia to Taiwan.

    The ransomware used in Friday’s cyberattacks encrypts files and demands that victims pay US$300 in bitcoin for them to be decrypted, the latest in a vexing style of security breaches that, at the very least, forces organisations to revert to backup systems to keep critical systems running.

    The malicious software has infected more than 75 000 computers in 99 countries worldwide on Friday, most of them concentrated in Russia, Ukraine and Taiwan, according to Dutch cybersecurity company Avast Software.

    The attackers were exploiting a vulnerability in Microsoft software that was patched in March, according to cybersecurity researchers. Attack code targeting that vulnerability was released publicly by Shadow Brokers, a group that has been leaking stolen hacking tools purportedly from the NSA. That connection has given critics of US hacking ammunition for their argument that governments finding flaws in commercial technologies and keeping them secret for the purpose of exploiting them can carry a public risk.

    “These attacks underscore the fact that vulnerabilities will be exploited not just by our security agencies, but by hackers and criminals around the world,” said Patrick Toomey, a staff attorney at the American Civil Liberties Union’s National Security Project. “It is past time for [the US] congress to enhance cybersecurity by passing a law that requires the government to disclose vulnerabilities to companies in a timely manner. Patching security holes immediately, not stockpiling them, is the best way to make everyone’s digital life safer.”

    While the victim tally is likely to grow, the ransomware, called WanaCrypt0r, only affects computers that haven’t applied Microsoft’s two-month-old fix, a reminder that individuals and organisations that don’t routinely update their machines are vulnerable. Hospitals are notoriously slow in applying security fixes, in part because of how disruptive it is to take patient-facing equipment and databases offline. That has made them a reliable target of ransomware and identity-theft attacks, and why they routinely fall victim even to random mass attacks.

    Hospital warnings

    In the UK on Friday, hospitals urged people with non-emergency conditions to stay away after the cyberattack affected large parts of the country’s National Health Service. Forty-five NHS organisations were hit, while a large number of Spanish companies were also attacked using ransomware.

    “We’re not able to tell who’s behind the attack,” home secretary Amber Rudd told the BBC on Saturday. “It’s not targeted at the NHS — it feels random in terms of where it’s happened.”

    Rudd said she’d been told there was no evidence of patient data being stolen, and said the hack was partly the result of people using outdated operating systems. “Windows XP is not a good platform for keeping your data secure,” she said.

    Hospitals in London, north-west England and central England have all been affected, according to the BBC. Mid-Essex Clinical Commissioning Group, which runs hospitals and ambulances in an area east of London, said on Twitter that it had “an IT issue affecting some NHS computer systems”, adding: “Please do not attend Accident And Emergency unless it’s an emergency!”

    The impact on services is not due to the ransomware itself, but due to NHS Trusts shutting systems to prevent it from spreading, said Brian Lord, a former deputy director of Government Communications Headquarters (GCHQ), the UK’s signals intelligence agency, who is now MD of cybersecurity firm PGI Cyber. Lord, who described an attack of this type as “inevitable”, said the impact was exacerbated because most NHS Trusts had “a poor understanding of network configuration meaning everything has to shut down”.

    Ransom message

    A screenshot of an apparent ransom message, sent to a hospital, showed a demand for $300 in bitcoin for files that had been encrypted to be decrypted.

    Workers across the NHS have since been sent e-mails from the health service’s IT teams warning not to open or click on suspicious attachments or links.

    Spain’s National Cryptologic Centre, which is part of the country’s intelligence agency, said on its website that there had been a “massive ransomware attack” against a big number of Spanish organisations affecting Microsoft’s Windows operating system. El Mundo reported that the attackers sought a ransom in bitcoin.

    “Today, many of our customers around the world and the critical systems they depend on were victims of malicious ‘WannaCrypt’ software,” Phillip Misner, principal security group manager at Microsoft’s Security Response Centre, said in a statement on the company’s website. “Seeing businesses and individuals affected by cyberattacks, such as the ones reported today, was painful.”

    Misner said the company took the “highly unusual step” of releasing free security patches for unsupported out-of-date operating systems, including Windows XP and Windows Server 2003.

    While Friday’s attack could damage the reputation of Microsoft’s security, it’s likely to be limited, said Sid Parakh, a fund manager at Becker Capital Management, which owns Microsoft stock. There have been so many high-profile hacks that if a fix is available, it’s the user’s responsibility to download it, he said.

    “Every time this happens, it hurts the underlying product’s reputation,” Parakh said. But Microsoft has “been in a worse state in the past”.

    Unsuspecting victims

    Ransomware typically gets onto a computer when a person unsuspectingly downloads a file that looks like a normal attachment or Web link. A hacker can then trigger the malware to freeze the computer, prompting a person to pay a ransom or lose all their files.

    Hospitals have been a common target because the culprits know how critical digital records are for treating patients. There have been several incidents in the US, including one in Indiana where a hospital’s IT system was taken down and patients had to be diverted to other facilities, according to a local news report.

    Ransomware attacks have also been soaring. The number of such attacks increased 50% in 2016, according to an April report from Verizon Communications. These types of attacks account for 72% of all the malware incidents involving the healthcare industry in 2016, according to Verizon.

    “The large-scale cyberattack on our NHS today is a huge wake-up call,” said Jamie Graves, CEO of cybersecurity company ZoneFox.

    Andrew Barratt, managing principal of Coalfire, a company which provides cybersecurity risk assessments to the healthcare sector, said that many NHS hospitals used PCs with outdated Windows operating systems, which have makes them easy to attack. He said many of these systems were too old to patch and that many NHS Trusts did not spend enough time on technical best practices and audits, leaving them vulnerable to a variety of potential cyberattacks, including ransomware.  — (c) 2017 Bloomberg LP

    Follow TechCentral on Google News Add TechCentral as your preferred source on Google


    WhatsApp YouTube
    Share. Facebook Twitter LinkedIn WhatsApp Telegram Email Copy Link
    Previous ArticleState won’t appeal nuclear ruling
    Next Article Ransom hackers dealt setback; may return

    Related Posts

    Stripe, Advent in talks to buy PayPal for $53-billion

    Stripe, Advent in talks to buy PayPal for $53-billion

    15 July 2026
    SpaceX is the Dutch East India Company of the space age

    SpaceX is the Dutch East India Company of the space age

    15 July 2026
    The internet has a Strait of Hormuz problem

    The internet has a Strait of Hormuz problem

    15 July 2026
    Company News
    Biometrics alone won't stop AI-powered fraud - Contactable

    Biometrics alone won’t stop AI-powered fraud

    15 July 2026
    How Paratus and Eutelsat are connecting Southern Africa's mines

    How Paratus and Eutelsat are connecting Southern Africa’s mines

    14 July 2026
    Rain supercharges 5G with Huawei

    Rain supercharges 5G with Huawei

    10 July 2026
    Opinion
    The author, Fanie van Rooyen

    South Africa can still catch the AI wave – here’s how

    7 July 2026
    The author, Fanie van Rooyen

    The AI utopia South Africa can’t afford

    1 July 2026
    The author, Jannie van Zyl

    South Africa’s broadband future is being decided in orbit, not in Pretoria

    30 June 2026

    Subscribe to Updates

    Get the best South African technology news and analysis delivered to your e-mail inbox every morning.

    Latest Posts
    Stripe, Advent in talks to buy PayPal for $53-billion

    Stripe, Advent in talks to buy PayPal for $53-billion

    15 July 2026
    SpaceX is the Dutch East India Company of the space age

    SpaceX is the Dutch East India Company of the space age

    15 July 2026
    The internet has a Strait of Hormuz problem

    The internet has a Strait of Hormuz problem

    15 July 2026
    Cape Town's Cue raises R82-million to take AI service agents global

    Cape Town’s Cue raises R82-million to take AI service agents global

    15 July 2026
    © 2009 - 2026 NewsCentral Media
    Built and maintained by Chronon
    • Cookie policy (ZA)
    • TechCentral – privacy and Popia

    Type above and press Enter to search. Press Esc to cancel.

    Manage consent

    TechCentral uses cookies to enhance its offerings. Consenting to these technologies allows us to serve you better. Not consenting or withdrawing consent may adversely affect certain features and functions of the website.

    Functional Always active
    The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
    Preferences
    The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
    Statistics
    The technical storage or access that is used exclusively for statistical purposes. The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
    Marketing
    The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.
    • Manage options
    • Manage services
    • Manage {vendor_count} vendors
    • Read more about these purposes
    View preferences
    • {title}
    • {title}
    • {title}