It combined a known and highly unsafe security hole in Microsoft Windows, tardy users who didn't apply Microsoft's March software fix, and a software design that allowed the malware to spread quickly once inside university, business and government networks. But computers and networks that hadn't updated their systems were still at risk. Staff were reportedly told to turn off their computers.
Dozens of countries were hit with a huge cyberextortion attack Friday that locked up computers and held users' files for ransom at a multitude of hospitals, companies and government agencies.
The attacks apparently exploited a flaw exposed in documents leaked from the US National Security Agency (NSA). "The National Cyber Security Centre is working with all organizations here in the United Kingdom that have been affected".
On Sunday he warned hackers could upgrade the virus to remove the "kill switch" that helped to stop it.
He said authorities were monitoring if New Zealand was affected to give Australia an early warning, but have seen no cause for concern so far, adding that the attack was a good reminder for Aussies to ensure they did everything to be safe from cyber attack.
Rob Wainwright, Europol's director, said that the ransomware attack is unique as it is combined with a "worm functionality" allowing the infection to spread automatically.
Wainwright said Europol was working with the Federal Bureau of Investigation in the United States to track down those responsible, saying that more than one person was likely behind it.
Mark Porter, chairman of the British Medical Association's council, said: "This cyber attack on NHS information systems is extremely worrying for patients and the doctors treating them".
For example, if one of your coworkers opens an infected PDF attached to an email, soon everyone in your office could be under attack.
In Brazil, the attack struck at the heart of the government - employee computers at the Justice Ministry and Brazil's social security administration were infected.
Officials say they're aware of those problems.
Numerous nearly 8,000 doctors' surgeries in England were also affected, warning of delays as doctors reverted to paper records and appointments.
Most of England's GP surgeries were closed to the public all weekend following the attack, though it is likely that many were actually working over the weekend to check their systems. State media reported that digital payment systems at some gas stations were offline, forcing customers to pay cash.
"The fact that so many computers remained vulnerable two months after the release of a patch illustrates this aspect", he said in a blog post.
The minister did not name the first Australian business affected by the ransomware attack, but hinted it was not "a government organisation or a hospital or anything like that". The company said the virus has been localized and "technical work is underway to destroy it and update the antivirus protection".
Megafon: A spokesperson for Russian telecommunications company Megafon told CNN that the cyberattack affected call centers but not the company's networks.
RSN chief executive Graham Biggs said: "This is an extremely worrying situation for rural patients and for small rural practices which operate on a limited budget". News.com.au reported the minister told reporters in Cairns that the challenge was that there were various instances of ransomware in Australia every week and authorities were now seeking to confirm whether these are the same thing that hit the United Kingdom. "At this stage, we do not have any evidence that patient data has been accessed".