flaw. how likely will quickly. --a flaw. how likely that it spreads further? extremely likely. this is a sophisticated attack that targets computers that are not up to date. i have spoken to the us department of health and they are confident their system is not as badly affected and that could be attributed quite frankly by the added investment due to the way financing works over here. but we will see many companies, particularly many public companies that do not have these cybersecurity, being attacked and also massive firms like fedex have had to turn many customers away because of their computer systems at not usable. president trump has warned that the man he fired as director of the fbi against talking to the media and

suggested that there might be take recordings of conversations. james comey had been leading an inquiry into possible collusion between trump election officials and russia. he was fired on tuesday. now the president has tweeted: that is a summary of the news. newsday is coming up later, actually, it isn't, we say that, it is just actually, it isn't, we say that, it isjust a bbc actually, it isn't, we say that, it is just a bbc world. now it is time for newsnight. a global cyber attack has disrupted nhs hospitals and gp surgeries in england and scotland resulting in cancelled operations and it shutdown. it replicates itself on one computer to the next and there's really no stopping it. it spreads itself like a plague. so who and what is behind the attack — and can they be stopped? tonight a former hacker, a former gchq boss, and the chair of the gps council are here. what's it like for one of the rising young stars of the labour party, who's not a corbyn fan,

selling the manifesto on the doorstep? i think it does make it easier when you have some clear lines in the sand between you and the other side. so, yeah, i think it will make it easier, actually, having the manifesto. missing in general election action... we go in search of one of the most senior figures in theresa may's cabinet, to try to find out if she's been sidelined. where is andrea leadsom? andrea! andrea leadsom! andrea leadsom, secretary of state for what used to be called ag and fish. andrea leadsom, are you here? and — caitlyn jenner, who before she transitioned from bruce, was feted as one of the most famous athletes in the world, talks about her long and difficultjourney to womanhood. it takes a while, time, not two years in, to kind of leave bruce behind, because he is still in there. good evening — as we go on air

the extent of the international ransomware cyber hack on 70 countries, which has struck nhs hospitals and gp surgeries in england and scotland is becoming clear. 25 nhs trusts in england and nine commissioning groups, and five nhs trusts in scotland have been affected. several hospitals have announced that only patients requiring emergency treatment should attend a&es and some surgery has been cancelled. many heathcare trusts have switched off their it systems which control everything from x—ray imaging systems, to pathology test results, phone and bleep systems, and patients' administrative information. tonight the prime minister said the government was not aware of any evidence that patient data had been compromised. well we're aware that a number of nhs organisations have reported

that they've suffered from a ransomware attack. this was not targeted at the nhs. it's an international attack and a number of countries and organisations have been affected. the national cyber security centre is working closely with nhs digital to ensure that they support the organisations concerned and that they protect patient safety. our technology editor david grossman is with me now and has been following this story this evening. just how deep are the tentacles of this ra nsomwa re? we know that it affects windows operating systems by microsoft. over the easter weekend, somebody dumped on the internet on an obscure website tools to exploit former abilities. —— on an obscure website tools to exploit vulnerabilities. who did it, we do not know. but rumours are swirling on the internet that the tools were developed by the american national security agency. we know from wikileaks they have

those kinds of capabilities but we cannot verify where the tools came from or who use them. we know that somebody exploited the vulnerabilities that those tools exploited to attack a lot of organisations. they spread the malware around the internet using ransomware. microsoft say that all that was necessary for anyone to protect themselves was to use free antivirus software, and make sure operating systems were regularly updated. microsoft issued the patches. the question is, why didn't the nhs do that, why were they vulnerable? today we found out it seems the nhs is especially vulnerable because they've not been able to afford to update all of their systems. some are so elderly they cannot be patched. just as hospitals have had to urgently update their response to the threat of superbugs, so they are now having to consider their digital hygiene, how to stop machines getting infected and then, spreading a virus to others in the network. it kind of replicates itself

from one computer to the next and there's really no stopping it, it spreads itself like the plague. the nhs, it seems, was not specifically targeted but it has been particularly vulnerable. in terms of the nhs, there have been individual malware attacks on individual trusts over the last 18 months but this is the first time we've had 21 trusts who have been affected so it's affecting multiple trusts at the same time and that's the difference. this is the screen that appeared in hospitals and gp surgeries demanding a $300 ransom to unlock files and systems. it meant cancelled operations and treatments. i had a cannula, i daren't show you... they had shaved, they were going to open me up. my arms have been shaved. i was all ready to go. nil by mouth. at half past one the surgeon turned up and said unfortunately we've been hacked and there's nothing we can do, we can't operate on you today. what will be particularly alarming

to ministers and officials at the department of health is how apparently simple this attack is. it doesn't seem to be the work of hacking geniuses, it's more the cyber equivalent of a street robbery — and yet it's managed to paralyse a good chunk of the nation's health care system. someone, somewhere in the nhs system, it seems, opened an e—mail attachment or clicked on a link which let the malware in. this threat, though, has been known about for at least six weeks and security patches to protect against it have been issued. but it seems many nhs machines had not been updated and were vulnerable. krishna guntupalli is an nhs doctor who has studied hospital it systems. he wrote an article warning about the possibility of a major shutdown just two days ago — although he says he wasn't talking about the hospital where he works, which is unaffected by the problems. these operating systems tends to be quite old. so a study injanuary suggested that 90% of nhs trusts use windows xp operating systems, which was released 15,

16 years ago by microsoft and isn't being patched orfixed by microsoft, and they've advised people to upgrade. the problem is, it's not the same as a home user. in a health care organisation, you have proprietary software running on top of those. that means unfortunately health care organisations may be some of the last to upgrade from old operating systems or programmes. that increases their vulnerabilities. that is what the hackers are exploiting. the solution is simple — but for cash—strapped nhs trusts, very expensive. not using out of date software, not using systems that are just too old to handle constant updates. they have to be remedied. there's got to be something that's done. if you constantly use old technology that's been hacked easily, or can easily be compromised, you can expect that to happen over and overagain. this attack doesn't seem to have resulted in any data loss, but the kind of personal information

that hospitals hold is really valuable to criminals. you can, after all, change your credit card number or your bank details quite easily — but you can't change your date of birth or blood type. first and foremost, we hold patient data. and this data is sensitive, including clinical information, date of birth, addresses. all of this can be sold by hackers and we don't know exactly, but maybe about ten times as much as credit card information. in a statement, the nhs in england said that patients should continue using gp and hospital services while they need them but ask them to use them wisely while what they call this major incident is continuing. jake davis is a reformed hacker, who found global infamy in 2011 as ‘topiary‘ — the face of the notorious lulz sec hacking group. he was convicted of hacking in 2013 and now works as a security consultant. professor helen stokes—lampa rd

is chair of the royal college of gps council — and joining us from bristol is brian lord, former gchq deputy director for intelligence and cyber operations. good evening. first of all, professor stokes, what is the impact on services and what will it be over the next few days? so far we know quite a lot of gp services and hospital services have been shutdown in terms of it systems but for those patients who need urgent care, doctors and patients were trained to look after patients before we had computers. we can still talk to them and examine them and make decisions on the basis of what we see and feel, not what the computers tell us. when you listen to david grossman and the doctor there saying the scope of the hack, you have sensitive information on computers and a lot of these nhs computers are out of time? yes, but they have been a good seven so far. the systems are backed up. the data is safe, it is there. but we have an absence of data

in the short—term to help us deal with patients, putting them through the systems. it is going to be a bit disrupted. david grossman there said that some of the nhs equipment is so elderly it cannot be patched so you will need new systems? indeed, and ourselves and other colleges have called for serious infrastructure investment for a long time. it's overdue. gchq's position, everyone is calling for all sorts of ways to fix this tonight, who is at work here? firstly, there will be two types of response. gchq and the national crime agency are looking at the crime itself, then you have cyber security centres working with nhs digital to work out how they can resolve the issue. this is the next step up for international organised crime. international organised crime began with low—level theft and low—level use of ransomwa re. by and large they have contracted it out and are now moving to larger scale, far more sustained and coordinated efforts,

whether it is getting inside the infrastructure of banks or, as we can see here, a well timed and well co—ordinated delivery of a simple tool, but delivered at mass scale into vulnerable areas. the vulnerable area is the nhs. as far as we know it's not in areas, like banks or operating systems for the energy industry, it is only the nhs? the nhs is especially vulnerable due to the old nature of its it systems, and also because it is very complex with interconnectivity between surgeries, trusts, boards, and so on. consequently, there is an awful lot of openings for delivery of this kind of basic malware. jake davis, you have been

a hacker in the past, what do you think is going on? i think what is terrifying is how simple it is. the kind of attack and ransomware that was deployed, it may have been a sophisticated criminal organisation orjust some kid that hit a go button and a worm has spread. they've woken up and gone, i have 50,000 computers... it wasn't only the nhs, they were hit completely by accident, telefonica as well... yes, in 70 different countries. they are putting at this ransomware, paid $300. .. do people pay up? in this ransomware there is a bitcoin address to pay the ransom. we've seen a few been paid through it. yes, it encrypts the files.