TVC NEWS Vladimir Putin has blamed the US for the global cyber attack that has crippled computer systems around the world since Friday.
The cyber attack, which wreaked havoc at dozens of NHS trusts on Friday, has continued to spread, hitting thousands of computers in China and Japan.
Putin said Russia had “nothing to do” with the attack and blamed the US for creating the hacking software that affects Microsoft computers.
“Malware created by intelligence agencies can backfire on its creators,” said Putin, speaking to media in Beijing. He added that global leaders needed to discuss cyber security at a “serious political level” and said the US has backed away from signing a cyber security agreement with Russia.
Authorities fear a second wave of the “WannaCry” ransomware could hit systems as people return to work and switch on their computers on Monday morning.
Japanese computer experts said around 2,000 PCs had been affected while the Chinese news agency Xinhua reported that almost 30,000 had been hit.
Authorities had warned of a day of chaos ahead of Monday, with the National Cyber Security Centre saying that existing infections could spread through computer systems.
NHS systems appeared to be largely up and running on Monday, although seven out of the 47 trusts hit by last week’s attack are still seeking emergency support, according to NHS Digital.
Patients are being warned of slow service at surgeries, but patient data does not appear to have been compromised. The Home Secretary Amber Rudd will hold a meeting of the emergency COBRA committee later today.
The WannaCry ransomware, which locks computer systems and demands $300 (£230) in Bitcoin, hit over 200,000 computers on Friday and the impact continued to be felt across the weekend. Around £33,000 in ransoms have been paid to date, according to analysis of Bitcoin wallets.
On Sunday night, Microsoft slammed the US spy agency that had originally developed software that allowed the ransomware attack to infect computers. The “Eternal Blue” tool developed by the National Security Agency had been dumped onto the public internet by a hacking group known as the Shadow Brokers.
It was then used by the still-anonymous cyber criminals to infect PCs with Friday’s ransomware.
“The governments of the world should treat this attack as a wake-up call,” In a statement, Microsoft president Brad Smith said. “Repeatedly, exploits in the hands of governments have leaked into the public domain and caused widespread damage. An equivalent scenario with conventional weapons would be the U.S. military having some of its Tomahawk missiles stolen.”
Microsoft released a patch over the weekend for the Eternal Blue vulnerability that defends against it even with older versions of Windows.
National Crime Agency ‘identifying patterns’ in attacks
The National Crime Agency has said it will “take time” to investigate who is behind the attacks, but said it has started “identifying patterns” in the swathes of data it has access to.
It said there is currently no indication that there will be a second wave of attacks in the UK, but warned people to still be careful.
Lynne Owens, director general of the NCA, said:
As things stand, there is no indication of a second surge of cases here in the UK.
But that doesn’t mean there won’t be one.
We’re trawling through huge amounts of data associated with the attack and identifying patterns.
The NCA is leading the criminal investigation into the attack, but for operational reasons we cannot give a running commentary.
Because of the quantity of data involved and the complexity of these kinds of enquiries we need to be clear that this is an investigation which will take time.
But I want to reassure the public that investigators are working round the clock to secure evidence and have begun to forensically analyse a number of infected computers.
Specialist cyber-crime officers from the NCA and our partner regional organised crime units are speaking directly with victims.
That includes visiting NHS sites to help protect victims and secure and preserve evidence. Those visits are continuing.
More than 150 countries have been affected, and we’re in constant communication with international partners, including Europol, Interpol and the FBI and the collaboration has been strong and effective.
The agency advised:
- Make sure your security software patches are up-to-date
- Make sure that you are running anti-virus software
- Back-up your data in multiple locations, including offline
- Avoid opening unknown email attachments or clicking on links in spam emails
- Victims of fraud should report it to Action Fraud
- We encourage the public not to pay any ransom demand