A massive cyber-attack using tools believed to have been developed by the US National Security Agency has struck organisations around the world.
Computers in thousands of locations have been locked by a programme that demands $300 (£230) in Bitcoin.
In April hackers known as The Shadow Brokers claimed to have stolen the tools and released them online. Microsoft released a patch for the vulnerability in March, but many systems may not have been updated.
How big is the attack?
There have been reports of infections in more than 70 countries, including the UK, US, China, Russia, Spain, Italy and Taiwan. One cyber-security researcher tweeted that he had detected many thousands of cases of the ransomware – known as WannaCry and variants of that name – around the world.
“This is huge,” said Jakub Kroustek at Avast.
Another, at cyber-security firm Kaspersky, said that the ransomware had been spotted cropping up in 74 countries and that the number was still growing. Many researchers say the incidents appear to be linked, but say it may not be a coordinated attack on specific targets.
Meanwhile wallets for the digital cryptocurrency Bitcoin that were seemingly associated with the ransomware were reported to have started filling up with cash.
Who has been affected?
The UK’s National Health Service (NHS) has been hit and screenshots of the WannaCry program were shared by NHS staff. Hospitals and doctors’ surgeries were forced to turn away patients and cancel appointments. One NHS worker told the BBC that patients would “almost certainly suffer and die” as a result.
Some reports said Russia had seen more infections than any other single country. Russia’s interior ministry said it had “localised the virus” following an “attack on personal computers using Windows operating system”.