"When you see the # of victims of ransomware attack using NSA's EternalBlue you realize how easy it was for them to penetrate adversaries", Wysopal tweeted.
Security researchers with Kaspersky Lab have recorded more than 45,000 attacks in 99 countries, including the UK, Russia, Ukraine, India, China, Italy, and Egypt.
Britain's National Cyber Security Centre and its National Crime Agency were looking into the United Kingdom incidents, which disrupted care at National Health Service facilities.
The cyber attack was first reported from Sweden, Britain and France, but countries like Russian Federation and Taiwan are said to be worst hit, US media outlets reported.
In a statement, Downing street said there was no evidence that patient data had been compromised.
The US Department of Homeland Security's computer emergency response team said it was aware of ransomware infections "in several countries around the world". The ransomware, known as "WanaCrypt0r 2.0" (aka WannaCry or WCry) has spread to almost 100 countries with 75,000 detections found so far.
By the group's count, the malware struck at least 74 countries.
In a statement, Kaspersky Labs said it was "trying to determine whether it is possible to decrypt data locked in the attack - with the aim of developing a decryption tool as soon as possible.".
On Saturday, a cybersecurity researcher told AFP he had accidentally discovered a "kill switch" that can prevent the spread of the ransomware.
An increase in activity of the malware was noticed yesterday, security software company Avast reported, adding that it "quickly escalated into a massive spreading".
The malware's name is WCry, but analysts were also using variants such as WannaCry.
PM's company tax cut cost rises from $50b to $65.4b
The banks are considering launching a media campaign claiming the levy will be passed on to customers and small shareholders. The government estimates the tax increase will help make $8.2 billion revenue over four years.
"The WannaCry ransomware may be exploiting a vulnerability in Server Message Block 1.0 (SMBv1)", the USCRT said.
"I'm watching how far this propagates and when governments get involved", he said.
"This event should serve as a global wake-up call - the means of delivery and the delivered effect is unprecedented", Rich Barger, director of threat research at security firm Splunk, said in a statement.
"Some ambulances are being diverted to neighbouring hospitals and we are very sorry that we have had to cancel some routine appointments".
Germany's Deutsche Bahn computers were also impacted, with the company reporting on Saturday morning that display panels in the stations were affected. Although Microsoft patched the exploit on March 14, many organisations have not yet installed the patch.
Security experts said the attack appeared to be caused by a self-replicating piece of software that enters companies and organizations when employees click on email attachments, then spreads quickly internally from computer to computer when employees share documents and other files.
"A bitcoin virus pop-up message had been introduced on to the network asking users to pay $300 to be able to access their PCs". "We should be prepared: more hospitals will nearly certainly be shut down by ransomware this year", he wrote.
"Ransomware becomes particularly nasty when it infects institutions like hospitals, where it can put people's lives in danger", said Kroustek, the Avast analyst.
NHS Greater Glasgow and Clyde, Scotland's biggest board, as well as NHS Tayside, NHS Dumfries and Galloway and NHS Forth Valley said some of their GP surgeries had been affected.
A Barts spokesman said it was experiencing "major IT disruption" and delays at all four of its hospitals. It said the attack did not specifically target the NHS.
Chancellor Philip Hammond disclosed in February that the NCSC had blocked 34,550 potential attacks targeting UK Government departments and members of the public in six months.
Comments