England's National Health Service is scrambling to respond to a large cyber attack that has crippled its ability to treat patients, after computer users in the public health system were hit with a pop-up message demanding a ransom for access to their machines.
The NHS says at least 16 of its organizations have been hit by the ransomware. In an statement released around 11:30 a.m. ET, the system's digital office said, "This attack was not specifically targeted at the NHS and is affecting organizations from across a range of sectors."
"The investigation is at an early stage but we believe the malware variant is Wanna Decryptor," the NHS says, referring to software that is being blamed for a number of ransom attacks Friday.
An IT worker at the public healthcare system tells The Guardian newspaper that it's the biggest problem they've seen in their six years working for the service.
The problem erupted around 12:30 p.m. local time, the IT worker says, with a number of email servers crashing. Other services soon went down — and then, the unidentified NHS worker says, "A bitcoin virus pop-up message had been introduced on to the network asking users to pay $300 to be able to access their PCs. You cannot get past this screen."
The U.K.'s National Cyber Security Center says it is working with both the digital office of the NHS and law enforcement.
The NHS ransomware looks like WannaCry - the same malware that has hit Telefonica and other big orgs today in Spain #nhscyberattack— Sam Gad Jones (@samgadjones) May 12, 2017
Images that were posted online of the NHS pop-up look nearly identical to pop-up ransomware windows that hit Spain's Telefonica, a powerful attack that forced the large telecom to order employees to disconnect their computers from its network — resorting to an intercom system to relay messages, according to the Bleeping Computer website.
The attack in Spain has been blamed on a piece of malware called WannaCry, or WCry, as Financial Times security editor Sam Jones reports.