LONDON: Cybersecurity experts scrambled on Saturday to contain the impact of an unprecedented global cyberattack that hit Russia’s banks, British hospitals, FedEx and European car factories.

The hunt was on for the culprits behind the assault, which was being described as one of the biggest such attack.

State agencies and major companies around the world were left reeling by the attack which blocked access to files and demanded ransom money, forcing shutdowns of computer systems.

Renault, FedEx and some Italian universities among organisations hit by assault

“The recent attack is at an unprecedented level and will require a complex international investigation to identify the culprits,” said Europol, Europe’s policing agency.

The attacks used ransomware, which locks users’ files unless they pay the attackers a designated sum in the virtual Bitcoin currency.

Images appeared on victims’ screens demanding payment of $300 in Bitcoin, saying: “Ooops, your files have been encrypted!”

Payment is demanded within three days or the price is doubled, and if none is received within seven days the files will be deleted, according to the screen message.

Mikko Hypponen, chief research officer at the Helsinki-based cybersecurity company F-Secure, said the attack was “the biggest ransomware outbreak in history”, saying that 130,000 systems in more than 100 countries had been affected.

He said Russia and India were hit particularly hard, largely because tech giant Microsoft’s older Windows XP operating software was still widely used there.

US software firm Symantec said the majority of organisations affected were in Europe, and the attack was believed to be indiscriminate.

The attacks apparently exploited a flaw exposed in documents leaked from the US National Security Agency (NSA).

Laurent Marechal, a cybersecurity expert at McAfee, said: “We still don’t know if this is worsening or easing. It is too early to tell. We are still in the analysis phase.”

In the United States, package delivery group FedEx acknowledged it had been hit by malware and said it was “implementing remediation steps as quickly as possible”. French carmaker Renault was forced to stop production at sites in France, Slovenia and Romania, saying the measure was aimed at stopping the virus from spreading.

Russia’s central bank said the Russian banking system was attacked, and the railway system also reported attempted breaches.

Germany’s Deutsche Bahn computers were also affected, with the rail operator reporting that station display panels were affected. Some Italian universities were hit.

Published in Dawn, May 14th, 2017