Worldwide cyberattack impacts FedEx

WASHINGTON -- A cyberattack initially believed to be targeting only hospitals in the UK has now gone beyond, involving potentially dozens of countries.

"We are aware that a number of NHS organizations have reported they have suffered from a ransomware attack," British Prime Minister Theresa May said, while speaking on the campaign trail in the UK. "This is not targeted at the NHS. It is an international attack. A number of countries and organizations have been affected."

A report from a security firm indicates more than 45,000 malicious computer attacks in 74 countries in the past 10 hours. CNN has not independently confirmed that number.

Here in Memphis, a spokesperson for FedEx released a statement said, “Like many other companies, FedEx is experiencing interference with some of our Windows-based systems caused by malware. We are implementing remediation steps as quickly as possible. We regret any inconvenience to our customers.”

The problem appeared to begin Friday morning when hospitals in the UK were crippled by a large-scale cyberattack, which forced operations to be canceled and ambulances to be diverted.

Health workers reported being locked out of their systems and seeing messages demanding ransom payments to regain access. NHS England described the incident as a "ransomware" attack.

At least 16 organizations connected to the National Health Service in England and an unknown number in Scotland reported being affected.

"The investigation is at an early stage but we believe the malware variant is Wanna Decryptor," officials at NHS Digital said in a statement.

"At this stage, we do not have any evidence that patient data has been accessed. We will continue to work with affected (organizations) to confirm this."

Scottish Health Secretary Shona Robison said officials were convening an emergency meeting to deal with the problem.

In Spain, the government said Friday a similar attack had affected a large number of companies. The firms included telecom giant Telefonica and the power company Iberdrola, Reuters reported.

According to Alan Woodward, a visiting professor of computing at the University of Surrey, this particular malware emerged in February, and it has one purpose: "to extort money in return for releasing the data it has encrypted."

And that's not even the worst of it.

Woodward warned there are two problems.

"First, there is no guarantee the criminals will release your data," he said, "and second, even if you do have your data released, there is no guarantee the criminals won't repeat the exercise."

He said most likely it occurred this time because some of the hospitals and other organizations affected may not have applied a patch that Microsoft released or they are using outdated operating systems no longer supported by the software giant.

Woodward said the malware "acts as a 'worm.' "

"Once inside a network it seeks out and affects any susceptible computer it can find on the network," he said. "The only sensible way to tackle it is to 'pull the plug' so that it can't spread any more until you can isolate the affected machines and work out a remediation plan."

He added, "It is a horrible lesson about why using supported software, and keeping that software updated, is so important."

Awais Rashid, a professor of software engineering at Lancaster University, said "the key question" to consider is how an attack such as Friday's could originate "from a noncritical system such as email" and then spread to other systems.

"Our society increasingly relies on interconnected systems to deliver key services such as health," he said.