LONDON, (Reuters) – Friday’s cyber attack hit 200,000 victims in at least 150 countries and that number could grow when people return to work on Monday, the head of the European Union’s police agency said on Sunday.
Cyber security experts say the spread of the virus dubbed WannaCry – “ransomware” which locked up computers in car factories, hospitals, shops and schools in several countries – has slowed, but that any respite might be brief.
Europol Director Rob Wainwright told ITV’s Peston on Sunday programme the attack was unique in that the ransomware was used in combination with “a worm functionality” so the infection spread automatically.
“The global reach is unprecedented. The latest count is over 200,000 victims in at least 150 countries, and those victims, many of those will be businesses, including large corporations,” he said.
“At the moment, we are in the face of an escalating threat. The numbers are going up; I am worried about how the numbers will continue to grow when people go to work and turn (on) their machines on Monday morning.”
He said Europol and other agencies did not yet know who was behind the attack but “normally it is criminally minded and that is our first working theory for obvious reasons”.
“Of course there are amounts that are being demanded, in this case relatively small amounts – $300 rising to $600 if you don’t pay within three days,” he said.
“(There have been) remarkably few payments so far that we’ve noticed as we are tracking this, so most people are not paying this, so there isn’t a lot of money being made by criminal organisations so far.”
Wainwright said Europol had been concerned about cyber security in the healthcare sector, which deals with a lot of sensitive data, but declined to comment on whether Britain’s National Health Service had been adequately funded.
Defence minister Michael Fallon told the BBC the government under Prime Minister Theresa May was spending around 50 million pounds on improving the computer systems in the NHS after warning the service that it needed to reduce its exposure to “the weakest system, the Windows XP”.
“The NHS was not particularly targeted. There were the same attacks applied to Nissan on Friday and in other areas of the economy and indeed around the world,” Fallon said.
“But let me just assure you, we are spending money on strengthening the cyber defence of our hospital system.”