these days ransomware, even if you do pay the ransomware, even if you do pay the ransom sometimes thesued ransom sometimes the encryption key is issued but remainders are left behind, so that the attacker could then take over your computer again. u nfortu nately then take over your computer again. unfortunately in the specific case of this attack the infrastructure that the attackers set up was such that the attackers set up was such that their e—mail address for their payment account was shut down, so we would strongly urge folks not to try and pay this because even if you somehow succeed in getting payment across they have no way of getting the encryption keys back to you. so if we do wake up and see this message on our if we do wake up and see this message on oui’ computer if we do wake up and see this message on our computer screens, what happens then? is there nothing we can do? i would absolutely say the first thing is to turn off the computer. do an plug it from the internet, from the internet cable, from your wi—fi, but don't turn off your laptop. leave it on, call an it profe

the ransomware, propagation of the ransomware and recovery from it. while the framework does not prescribe a baseline of cyber security for organizations, for instance, a baseline that would have prevented wannacry, it does prompt a she quinequence of inter-related decisions to prevent virus infection and propagation and support expeditious response and recovery activities. on may 11th, president trump signed executive order 13800 strengthening the cyber security of federal works and critical infrastructure that mandated federal agencies to use the framework. under the executive order, every federal agency or department will need to manage their cyber security risk by using the framework and provide a risk management report to the director of the office of management and budget and to the secretary of homeland security. on may 12th, nist released a draft interagency report, the cyber security framework implementation guidance for federal agencies. which provides guidance on how the framework can be used in the united states federal government in conju

although the concept of ransomware is not new, the type of ransomware employed by wanna cry was novel. wanna cry worked by encrypting documents on a computer, instructing victims to pay $300 in bitcoin in order to regain access to their users' documents. unlike typical forms of ransomware, however, wanna cry signaled the ushering of a new type of worming. ransomware which caused the attack to spread faster and more rapidly with each new move. in light of the novelty built into wanna cry's method of attack, cybersecurity experts, including those we'll hear from today, have expressed significant concerns that wanna cry is only a preview of a more sophisticated ransom ware infection that many believe will inevitably be launched by hackers in the near future. beginning may 12, 2017, the wanna cry ransom ware infection moved rapidly across asia and europe. eventually hitting the united states. the attack infected 7,000 computers in the first hour, 110,000 distinct i.p. addresses in two days, and in almost 100 country including the u.k., russia, china, ukraine and india. experts now believe

ransomware attack. although based on information best far, the federal government systems were fortunately spared. we want to make sure the government is sufficiently prepared and light of a more sophisticated attack. we want to hear what congress can do to appropriately address this climate of new and emerging cyber security threats. through the lens of the aftermath, today's witnesses will help shed light on key steps to take to ensure systems are protected. we will also hear about how public-private partnerships are an instrumental tool to bolster the cyber security harsher. finally we will learn about how the border which makes it mandatory on the executive branch is a significant step toward ensuring the federal government cyber security posture incorporates the most innovative measures to defend against evolving threats. it is my hope our discussions today will highlight areas where improvement is necessary while offering recommendations as we move forward to enter federal government is prepared t

it suggests some of the loopholes opened the last time there was this major ransomware attack had notare now analysing the code and it seems they are using the same windows exploit that was used with wannacry, the ransomware attack a few months ago. early on people were putting it down to a piece of ransomware that‘s readily available to hackers on forums called petya. there is now some debate about whether it is petya. there is also some debate as to whether it‘s ransomware and whether it‘s a cover for something else. some people suggesting it‘s stealing admin, passwords and has a completely different purpose and is disguising itself as ransomware. the plot thickens. should you and i be worried, should people watching be worried, or is it just for organisations to be concerned with? it seems to be organisations, but that doesn‘t mean we shouldn‘t worry. if you are trying to get an aeroplane in kiev, you would face delays. the ticketing system at the ukraine metro wasn‘t working. and there were pictures from ukraine supermarkets with screens saying all the files have been encrypted. i

we did see a global ransomware. the way we have seen this attack work is we have gone from single instances where users p would gethished, -- where d, to nowld get phishe hybrid attacks where this attack we saw a few weeks ago. but it is now using new exploits to go after credentials and attack machines that are necessarily unpatched, which was the case with wannacry. they now are affecting entire networks. that's what we started to see with wannacry, and we are seeing the next step of the evolution with petya. emily: what should companies be doing to protect themselves? guest: the number one thing is make sure they are catching the -- patching the vulnerabilities they have been alerted to in their environments. second, they need to make sure they are updating all of their cybersecurity defenses. make sure they have got the latest versions of the cybersecurity software working, adequate monitoring and alerting capabilities in their organization, make sure they got users on the alert for these kinds of attacks, as we

it is a new strain of ransomware but there are similarities between this and previous attacks.took sufficient measures to upgrade their system should have been protected, but as we've seen in the past, not all firms were diligent enough to make sure that happen. attackers are only asking for $300 as a ransom payment and from our analysis not many people seem to have paid up, it seems increasingly that these attacks aren't about making money. to stay with us. we will delve into this more. we will be speaking to a co—founder of a cyber security company in boston. venezuela's president, nicolas maduro, has said that a stolen police helicopter has "attacked" the supreme court building in the capital caracas. latest reports suggest a grenade was thrown at the building, but it did not explode. president maduro said that special forces were hunting what he called the "terrorists" behind the attack. an army officer, oscar perez, who's reported to have taken control of the helicopter has posted a statement calling for action against what he described as the criminal government. the vene

our top stories: computer systems around the world are being hit by a ransomware attack.d as india and the us. the united states accuses russia and china of complicity in trafficking forced to labour from north korea. let's take a look at some front pages from around the world. like many of the uk papers, the financial times leads with the fresh cyber attack that hit a number of big companies earlier. experts say the attack is similar to the wannacry ransomeware assault that hit 150 countries last month. the philippine daily inquirer reports on the continuing siege in marawi. battle for control of the city is entering its sixth week as the government refuses to negotiate with the militants. japan times leads with the us—based pew research centre report on america's image. the survey covered 37 countries. it turns out that less than one in fourjapanese have faith in the new us president. finally, the uk the independent says some uk councils will have to shell out millions of dollars to replace poor insulation following the grenfell fire. this image highlights the painstaki

how do you see ransomware in evolving? what's next? john: the interesting thing about the rise of ransomware over the last few years is that the criminals behind it are excellent business analyst, in the sens -- analysts, in the sense that they do a really good job in evaluating where they need to invest and where they can take advantage of situations where businesses have not been able to implement defenses against known threats. what we see with this virus as well as wannacry, to some extent, is that happening. the criminals we see operating these tools are taking advantage of known tools and known tactics and being very successful because the organizations that they are compromising have not been able to fully defend themselves against these methods yet. really, organizations -- go ahead. it waswith wannacry, interesting. they did not manage to rack up that much money. is this any different? john: we've seen a similar situation here. we are really -- the return on investment for the attackers has not been all that high, which could

the ransomware virus crippled or halted major companies around the globe. the largest contender -- container shipper, the property arm of bnp paribas, or at a cadbury chocolate plant in australia. as the virus continues to spread, those who have not been hit so far asked themselves, is my cybersecurity strong enough? reporter: piled up containers at india's largest port at mumbai, the rent some attack that hit around the world. the damage operations had been done. the malicious code locked machines and demanded that victims post ransom for $300 in bitcoin or lose data entirely. security experts are questioning whether the financial been was the real goal of the attack, or whether the hackers were driven by more destructive motives. analysts in russia, which was hard hit by the attack, say very few companies understand the importance of information security. "nowadays there is lots of money online. huge amounts of important information are being processed somewhere on the internet and company computers. these attacks spread so quickly because of a lack of so

ransomware is very effective.rs can sit at home, in the comfort of their living rooms, somewhere possibly on the other side of the world, and mount these attacks with very low risk to themselves and very high upside. in many cases they'll make hundreds of thousands of dollars out of an attack like this. so far the signs are that the uk has not been badly hit but officials will be watching to see how far it spreads and how much damage this attack is really does. scotland's first minister, nicola sturgeon has scrapped plans for a second referendum on independence by the spring of 2019. she said she had reconsidered after the snp lost around a third of its seats at westminster in the general election. she now says any decision on another vote will be delayed until after the uk has left the european union. here's our scotland editor sarah smith. nicola sturgeon may not look like a woman thwarted, but she cannot now march ahead with her plans for an independence referendum — admitting today, voters have rejected that i

is that a ransomware thing >> yeah, ransomware is a fascinating trend. it doesn't work if people don't pay. but clearly people are paying. companies are paying possibly, governments are paying somebody is paying to get their data back. and that's what makes it economically worth while for the attackers to go out and hold that data. you can see a regime like a north korea that is desperate for hard dollars looking at that and saying that's for me because people are paying. the general cybersecurity procedures are always -- they always tell ceos when the company is hit, don't pay. you just encourage them again. but the temptation is so great because whatever is stolen is so valuable to the on going operations of the country, the temptation is really to pavement we're seeing people doing that and we might be seeing that again today. we'll have to take a look. >> all right reinforcing behavior, thank you for that roger, you mentioned a moment ago the cost of doing business s this another form of that? >> absolutely. but i think the thing we really should be

beeneuropean stocks have affected by the latest ransomware as well.talk about what is happening. the markets will be opening in a couple of seconds time. coal down this morning. let us talk about whether janet yellen is right or not. are we overvalued in our asset classes? ftse 100 opening reasonably flat. we will see what the stoxx 600 does. they will be down a little bit more than that. the ftse, down .1%. the stoxx 600 down .2%. i expect the cac to be opening down. half a percent. there is the cac 40. here is manus cranny. manus: the question you have got to ask yourselves is was janet itlen's comment about ?exuberant she said it was not . -- about exuberant? she said it was not. it was not an irrational exuberance moment. if you want to understand the real propensity to shift the dynamic of markets, it came from mario draghi. that trumps kuroda, and yellen. ability to be accommodative, but hinting stance, toifferent adjust quantitative easing earlier than anticipated, or isbe in line with what anticipated. financials should reset the tenor on fina

today's ransomware has some similarities but is not the same as that which struck the nhs last monthar, there's no sign of health services being affected. experts say the new attack in some ways is more sophisticated, but the aim is still to make money. well, ra nsomwa re is very effective because attackers can sit at home, in the comfort of their own living rooms, somewhere possibly on the other side of the world, and mount these attacks with very low risk to themselves and very high upside. in many cases they'll make hundreds of thousands of dollars out of an attack like this. so far the signs are that the uk has not been badly hit but officials will be watching to see how far it spreads and how much damage this attack really does. gorden correra reporting there. our other top story this hour: china has reacted angrily after the united states placed it on its global list of the worst offenders in human trafficking and forced labour. the us has accused north korea of providing up to 50,000 workers as forced labour to countries like russia and china. at a news conference, the us secr

the normal ransomware case hits companies, and it doesn't make itself public. what we're seeing possibly today -- and i think it's too early, we need to wait and see -- is what's called a ransom worm we've only seen one other like this recently, and that is, it combines ransomware, the stuff that locks up your computer and makes a demand for payment with what's called a worm, something that self-prop gates, so it keeps replicating itself across the world. normal crooks don't do that with ransomware schemes why? because look at what's happening today. it gets global attention, and that means law enforcement, nation states are going to try to see who did it. it makes it less likely that people are going to pay them. >> sorry to jump in. what's it say about the state of cybersecurity, maybe lack of cybersecurity, that teams of what are probably just a couple of guys, hackers somewhere, can shut down the computer systems of hundred billion-dollar corporations or state power grids? >> that's a great point. we are facing a global epidemic of cyber attacks because fun

this photo given to a reporter from "forbes" reportedly showing a bayer mri hacked by ransomware.pany said it put out a patch for the devices. and last january hollywood presbyterian hospital in los angeles paid out $17,000 after hackers took control of its computers. >> it was just odd to be at the hospital because all the signs said do not use the computers. i'm like, what's going on in and they said, well, we got hacked. >> reporter: cybersecurity experts is getting worse. with hospital computers and medical devices becoming potential targets for hackers. >> we went from being prone and prey with no predators to the number one targeted industry last year in less than one year. so our relative obscurity is over. >> this pacemaker can be wirelessly accessed with that number. >> reporter: it seems like something conjured straight out of our hollywood nightmares. remember that iconic scene from the second season of "homeland"? >> call a doctor. >> i don't think so. >> that tv fiction, researchers say, could now become fact. >> i'm killing you. >> reporter: the potential threat was

moving on to beat cyber attack, another ransomware attack it seems.nd the folks in ukraine seem to have been especially hard hit with shipping and the airport and so on in that country. and we've just heard that a group that make bigger household products such as debt all, clearasil and so on, they have been attacked in this as well. is this the same ra nsomwa re attacked in this as well. is this the same ransomware whistle affecting the nhs? it seems to be a variant of that. looking at the same exploit, the same defect you might say. the previous one. so that link is now out of the public domain, and people were warned that this would happen and it seems to be happening again. but details are still emerging. we do not want to rush to judgment yet. again the reasoning, why these places in ukraine or wherever and indeed this company in the uk has been affected. that is perhaps because they have not downloaded the software that would improve security. yes, indeed. and we really need to think more widely about how we protect companies. in security terms

the ransomware virus seems to have originated in ukraine. it affected banks, hospitals, in several european countries. some american companies were hit as well, including pharmaceutical giant merck. nbc's lucy kafanov is live in london with more. lucy, how is this virus working? >> reporter: good morning, frances. this is a ransomware attack, which is a type of virus that basically blocks access to a computer and then demands money to release it. so when a computer in this case is infected, the ransomware encrypts important documents and files and then demands a ransom, typically in bitcoin for a digital key to unlock those files. and if the victims haven't backed up their material, they either basically have to pay this ransom or face losing everything, so this could be very devastating for companies. this particular attack has been crippling computers worldwide. europe is affected. ukraine and russia appear to have been hardest hit in this attack. in kiev, we saw atms stop workinnd manually monitor radiation at the old chernobyl nuclear pl

at the end of the day, ransomware and this type of security threat is going to be here to stay and itnother variation using similar code that tries to use ransomware is a method to making money for cyber—criminals. businesses continued to plan and continue to have methods in place to find a solution should this happen but the individuals, what needs to be done today is the same as every day that it is up to how behaviour. we should put things in place so that should work like this hit our machines we have taken steps to stop it causing us harm. if you're using windows ten, your machine is being patched on a daily basis depending on threats. that should continue to happen. you should be spending a couple of 100 dollars and buy an external hardware. if ransomware is leased on your machine, by having the data secured and backed up, you really do not need to do much more than a rollback yours eastern and you are back running again. —— your system. a police officer repeatedly stabbed during the london bridge terror attack, has been speaking about his ordeal for the first time. pc wayne mar

experts believe that the newest spate of ransomware attacks may have originated in the ukraine.hings such as banks and airports. a vaccine has been developed to stop the immediate spread, but more cases are still being reported. earlier, the executive chairman of one of those groups and a former homeland secretary said that cyber attacks could become increasingly central to conflict. as many people with intelligence feel, i feel this conflict. as many people with intelligence feel, ifeel this is probably the most serious threat we face. terrorists, although they have not yet used cyber attacks as a destructive tool, they may decide they want to do that. you have the north koreans who have shown very little restraint and have access to cyber weapons. i do think as we get a rising tension, there is a greater likelihood that the cyber arena will become a greater area of conflict. we will soon be talking to a cyber security expert to see what companies can do to protect themselves. and taking look the dayother news. north korea has threatened the former south korean president, and a

the ransomware attack began in ukraine and russia, before spreading to companies in europe, the us and india. it's exploiting a similar loophole to the wannacry virus, which caused havoc last month. the european union has imposed a record $2.5 billion fine on google and given the company 90 days to end illegal practices that give the internet search company unfair advantages to its own shopping websites. and this story is trending on bbc.com: tennis star serena williams has posed naked for the cover of this month's vanity fair magazine. she was six months pregnant when this picture was taken by celebrity photgrapher annie liebovitz. serena says she plans to be back on court by january. stay with bbc news. more to come. there is more coming up more to come. there is more coming up from me after we catch up with all the business use. live to rico hizon and asia business report. a huge cyber attack which started in the ukraine is heading around the world. indonesia survived asian financial turmoil 20 years ago, but is it in danger of repeating its past? good morning asia. hello world. it

using a simple file that stops the ransomware in its track. unfortunately, serper's vaccine does not help... if your computer is already encrypted. and the hackers who created it could change their ransomware code... but right now, it is an option for a temporary fix.. and he has posted it on twitter. (oncam)(steve)a popular southern california illegal street racing spot . . .has turned deadly.now city officials are implementing ways to try and prevent it once and for all.the so-called "canoga speedway" in san fernando valley. . .is where 9 people have died from racing incidents in the last five years.in 2015. . . two men were killed while watching a race when one of the drivers lost control. . .and plowed into the crowd.about a week ago. . .rumble strips were installed.the move is part of a 14-thousand dollar pilot program.all is put into place to discourage street racing. (steve) a live look outside.. golden gate bridge.. (pam) brittney has the forecast all the way through the weekend.. seasonable summer pattern in place with a marine layer

today's ransomware has some similarities but is not the same as that which struck the nhs last month. and so far there's no sign of health services being affected. experts say the new attack in some ways is more sophisticated. but the aim is still to make money. well ransom was very effective because attack is considered at hyman in the comfort of their own living room somewhere possibly on the other side of the world. and met these attacks with very low risk to themselves and very high upside. in many cases the mike hundreds of thousands of dollars out of an attack like this. goten carrera pushing them brief time ago i discussed this attack with sigh banks but tone kellerman. what is your assessment of the scale of the cyber attack compared to that one that we saw in math? it's back in may called wanna cry was really a test run. of seeing if they could essentially establish a footprint on systems and create a mechanism to generate money and destroy systems there after. i this is their day real deal this is what we've been very concerned about for awhile now. especially because it's b

it is a new strain of ransomware but there are similarities between this and previous attacks.took sufficient measures to upgrade their system should have been protected, but as we've seen in the past, not all firms were diligent enough to make sure that happen. —— sure that's happened. attackers are only asking for $300 as a ransom payment and from our analysis not many people seem to have paid up, it seems increasingly that these attacks aren't about making money. senate republicans in the us have delayed a vote on their proposed healthcare bill, saying it won't happen before the american fourth of july holiday. the announcement by the senate majority leader, mitch mcconnell, is another setback to republican efforts to replace the healthcare reforms introduced by barack obama. but mitch mcconnell says he remains optimistic. we're continuing to talk about it. it's a very complicated subject. i remember how challenging it was for the democrats, when they were enacting this in 2009 and 2010. there are lot of discussions still going on, and i'm optimistic we're going to get there

because the ransomware asks not into different pockets just ask coins into one wall and what is more simple to follow up but as always it might be also that there is some false traces put in it for example last time want to cry everybody was thinking it was this had her crew caught lotsa rose from north korea but this could be also just a false treat. bruno nice to have you on our say tonight we have to leave it at that bruno kramm chairman of the burden branch for the pirate party thank you. russia's call of the united states threatening to force against the syrian government unacceptable the white house earlier claimed that the assad leadership is preparing a chemical weapons attack present terms press secretary says the u.s. will take action if that happens the united states has identified potential preparations for another chemical weapons attack by the saddam regime the united states is in syria to eliminate the slum extent of iraq and syria if however mr assad conducts another mass murder attack using chemical weapons he and his military will pay a heavy price. middle east corr

attacks first wannacry in may and now this ransomware as well. >> we'll try to get that shot back as162 just got a news halt on fedex. halted for news. if you recall on wednesday, last wednesday, fedex beat 425, beat the estimate of 388 on their quarterly earnings revenue was ahead. their forecast was pretty solid, but we'll see what the news on fedex could be overall, though, you look at the financials, it's been a pretty solid rally that we've gotten after the market got a little bit wobbly yesterday, obviously, post yellen. >> tech coming back, as well utility is the only sector in the red. i think we have the shot up now. shuman is the cto of shape security, former google fraud tech czar. we were just talking about the fact that you say this is an illustration of the problems associated with old, insecure systems remaining in use how widespread is that problem speaking of systems, we'll work on ours and try to get -- >> you wonder if the cyber attack, if we're the next victim, right? sometimes getting shots up is a problem. >> as we take a look at some of these tech stocks and ho

kpix 5's jackie ward has the latest on the ransomware that locks computers around the world causing major problems. >> reporter: it was a mess yesterday and continues to be one today. this cyber attack is a reminder that problems online at this capacity are going to continue to happen. first, it hit the ukraine where government officials reported a serious intrusion of the power grid. it also affected the chernobyl nuclear power plant where radiation monitoring had to be done manually. what's described as malicious data scrambling software then jumped over to russia and quickly went viral. >> you patch your systems properly, keep them updated, and that will really rule out a lot of these exploits that have taken place. >> it's very similar to an attack named "wannacry" that throws 300,000 computers just last month and cyber security experts predict these attacks will growing. the u.s. department of homeland security says it is monitoring the ransomware attack but still it's a little disheartening, discomforting. >> you have to be careful what you download on your computer. >> yes. >> no k

you know where every packet is supposed to go you don't know where it came from you had a ransomware attack it's hard to know where that came from. i think if you have a secure internet, we have to get over some of the privacy concerns and say people who want to should be able to opt in to an awe thenlt indicated secure internet where every package you send is encode wtd origin, not just the destination. >> the pc had the rise in the late '80s. the smart phone didn't really rise until the mid 2000s are we expecting another smart phone like revolution too soon or might it be a decade and a half from now before we see it >> we talk about this all the time i'm often on the show saying what's the next big thing? and that is google glass or the watch. it's not even quite, you know, hello alexa, put on my play list i'm in the city planning commission in new orleans. it will change how you design cities we haven't in ten years almost to the month since the iphone had anything that totally transformed our lives. >> it's ten years to the day january 29th >> wow. >> 2007. >> i was there >> you

ransomware.emingly where it started, the central bank being affected in the ukraine and the plaintiff companies, largely utilities and it has spread to russia were ross net, the world's largest oil company, has been hit. they went to a backup server and they are affected. u.k., as far away as they the biggest advertising company in the world is affected. employees are told not to use the wi-fi. the biggest container network in the world said it has been affected. clearly, plenty of companies, at least 80. is $300, not a lot of money but it is crypto currency, which is not the easiest if you're trying to get rid of the ransomware. b, the worry is if you pay us, you are funded criminality. are a lot of companies paying that? caroline: that is the key question and a similar to a month ago when we saw one virus more than 200 companies affecting the national health service in the united kingdom. plaintiff companies, the thing that was pointed at north korea was where the attacks have stemmed from. nob

the so-called ransomware assault is the second such strike in the last six weeks.i sreenivasan in new york has more. >> sreenivasan: this ransomware attack originated yesterday in ukraine, and rapidly spread through europe, and beyond. the virus is called petya, and it takes over infected computers, effectively locking out users. a payment is required to return control of the machine and data. in early may, a similar virus called wanna cry spread to over 150 countries. this new attack shows signs of greater technical sophistication, but both apparently used, in part, a tool developed by the u.s. national security agency, a tool that was leaked into the open last year. with me now for more on this is rodney joffe. he is the senior vice president and national security executive for neustar, a cyber-security firm. rodney, it seems that we have not learned that much from what happened two months ago, but it seems that the attackers have learned a little bit more. >> there's no question that this is more sophisticated. when we look at the code, when we look at the mecha

it looked like ransomware. it looked like one of -- wannacry. to be about more than that. how can we disrupt infrastructure? emily: the attacks range from russia to the u.s. to europe, specifically the motivation seems to be to wreak havoc in ukraine. >> it is hard to say, it is hard to define exactly what region they wanted to wreak havoc in because it was widespread. we got reports on grain shipments in latin america. it started to affect parts of india. how much was it targeted on ukraine and how much of this is collateral damage? it is hard to say because we do not know who is behind it yet. we do know as each one of these attacks, they are learning from it. they are learning how we can take what we have learned here and apply it to the next one. emily: also a huge story out of europe, google getting slapped with a $2.5 billion fine from the e.u., a record fine. talk to us about the fallout from it. >> there have been question marks about google's propensity and willingness to give its businesses priority in search, particularly relating to

is it helpful that the ransomware purveyors never find out that they have never actually succeeded? a lot of companies will have a regulatory need to report that. if there is credit card information for example by banks which have impacted access to services, national critical infrastructure, they have some regulatory requirements as well. for companies who do not have those impacts, we probably will not see. thank you. the americans said today that they had evidence of president assad planning another chemical attack and that it would be punished if it happened. it's a measure of the strangely intense times that we are living through in international affairs. the global role of the us is in flux — are they keeping out of wars, or getting into them? meanwhile, russia is flexing its influence and the eu is working out how to respond to it all. a good time to hold a conference on international security, as the centre for policy studies did today. among the speakers there, was the former chief of the defence staff, the professional head of the armed services, general, lord richards. i

the ransomware virus seems to have originated in ukraine. it affected banks, hospitals, utilities and other businesses in several european countries. some american companies were hit as well, including pharmaceutical giant merck. nbc's lucy kafanov is live in london with more. lucy, how is this virus working? >> reporter: good morning, frances. this is a ransomware attack, which means it encrypts and locks entire hard drives, asking owners to then pay $300 in bit coin to unlock their machines. the variety ruirus is cripplings using microsoft windows. it rapidly spread across ukraine, russia, europe. among the targets, and even the chernobyl nuclear plant. now, it's unclear who was responsible. some experts have speculated it could be a russian nation state attack designed to cause chaos in ukraine which then got out of control but that's just speculation. one expert that nbc spoke to said it's too early to tell whether or not this attack is winding down. it's affecting big companies more than individual users but all the more reason to back

the new attack may also involve ransomware. among the other huge companies struggling with problems tuesday - the world shipping giant, 'maersk. ' steve? (steve)jury selection in a case against former pharmaceutical ceo. . . martin shkrehli. . . .has hit a rough patch.defense lawyers for shkreli. . . complained today that news coverage of their client. . . is tainting the new york jury pool.a number of jurors were questioned monday. . . admitting they could not ignore shkreli's reputation for hiking the price of the life-saving drug for people with aids. . .up 5-thousand percent. the judge denied requests to restart the jury selection process.she did agree. . . to re-question people who qualified for the pool.shkreli is on trial for charges unrelated to his notorious drug pricing. (vicki) still ahead, the giants snap a five-game losing streak... but is it enough to keep the momentum going - during tonight's match up against the rockies? a preview of tonights matchup - coming up. (steve) and you might want to revise your pets di

typically in ransomware they don't ask for exorbitant sums of money.in this particular line of cyber criminality... and there is a business model? there is a business model. the business model is relatively small amounts of money so people can pay. you make the money in volume and generally the model is they will restore access to the data when you pay. if they do not do that then again people will stop paying. only 30 people paid, not a great business model. in this case perhaps the execution has not been what the more sophisticated criminals will do. whether people will then start to lose their data, and whether that then inspires more people to pay, remains to be seen. in both the wannacry case and in this case it seems that actually the damage was contained. do you still stand by the idea that it is not a question of if but when the world faces a major cyber attack that is not contained and where the damage is substantially greater than either of these attacks? i do stand by that because as i said the ransomware episodes generally speaking are ways

the ransomware programme, overwrites computer files. and this story is trending on bbc.com. creator of paddington bear — for generations one of britain's best loved characters — has passed away aged 91. michael bond first introduced the bear from darkest peru to the public in 1958. now on bbc news, it's time for hardtalk welcome to hardtalk. i'm stephen sackur. on the face of it, israel has achieved a form of stability, led by the same man for eight years, locked in a state of hostile non—communication with the palestinians, and confident in strong support from washington. but dig deeper and cracks appear. prime minister netanyahu is under investigation. israeli society appears ill—at—ease with with itself. my guess is moshe ya'alon, mr netanyahu's former defence minister turned harsh critic. how fragile is israeli unity? moshe ya'alon, welcome to hardtalk. thank you for having me. it's a pleasure. israel has just marked 50 years since the victory in the six—day war. but you seem to feel, right now, there are very serious questions about the direction israel is going in, and

virus ransomware works is that blocks the computer and ben asked for a three hundred to five hundred dollars ransom in order for the computer to be accessible again quite a pesky virus and you know to understand the magnitude of this thing just a little bit over a month ago over ninety nine countries seventy five thousand machines were affected by the same type of them around somewhere a virus called want to cry you know major hospitals in america and europe couldn't use their computers businesses went down you know causing brief have a call across but the funny thing is about that about that particular hacking attack was that russia happened to be the main target taking in most attempts and most attacks some of which were successful penetrating megafauna a major russian telecom provider and disturbing it services for over twenty four hours and now back to this recent attack that happened today. lab experts were able to tell us that. this was this malware has spread pretty much all over the planet at this point in time and it's very hard to predict when unwell and where it might stri

on line now the way this ransomware works is it locks the computer down and asked for a few hundred to five hundred dollars ransom to be paid in order for the computer to be accessible again and just to sort of understand the magnitude of this malware going across the world just a little over a month ago major attack took place of this. same type of virus called want to cry hitting more than seventy thousand computers worldwide affected major hospitals in the u.s. and the u.k. not having access to their computers business is one down you know causing major havoc all across and it's funny of that attack in particular russia happened to be the main target suffering the most attacks and taking in most attempts some very successful now as far as this attack that just happened today spares experts confirmed that this malware has spread all over the world and it's really hard to predict when and where it might hit next this is all we know so far we will keep you updated. let's get the thoughts of. a cyber security expert and joins us at the saving nice to have you on what you make of what's

petya was targetted at pcs but what people are now understanding is that, at the end of the day, ransomwareere to stay and it is probable not going be too long until we see another variation using similar code that tries to use ransomware as a method to making money for cyber—criminals. businesses, of course, continue to plan and continue to have methods in place to find a solution should this happen, but for individuals, what really needs to be done today is the same as every day — it is up to our behaviour that we do put some things in place to ensure that, should a worm like this, should ransomeware like this hit our machine, we have taken steps to stop it causing us harm. and really, at the end of the day, it's quite simple, if you're using windows 10, your machine is being patched on a daily or multiday basis, depending on what threats are out there, so continue that allow that to happen. but you should also be spending a couple of hundred dollars and buying an external harddrive to backup your data. because if ra nsomwa re is unleashed on your pc, and for many of us it's really only a

ransomware. peta has been out there for awhile. and the question is how to get you to see. some of it is apparently through a vulnerability in microsoft. that should have been patched but some people have not patched some of it may be coming in through other means. for example email fishing or other ways of evading virus anti virus. so i who's responsible hard to tell we know original easy we know the ukrainians think as the russians robs you cringe begins to russia may be multiple people. taking advantage of. getting the exploited and be able to deploy it using it for their own purposes it looks like. whoever is behind the hack was trying to cause chaos roth and trying to raise a lot of money. whenever they're ostrogoth i have three hundred dollars and only thirty people a paid up but doesn't she make you much cash well typically ransom where they don't ask for exorbitant sum. the business model for criminals in this particular line of cyber criminality enough as a business model yeah there's a bizarre business model is. relatively small amount of money so people can pay y

it is worth saying, we have seen many security experts looking at ransomware element of this attack andseems a small part of it. it is an open discussion is whether is a diverse if attack for one which is bigger. particularly in the ukraine. there are aspects that would suggest ukraine is the primary target so it could be this is a small part of a wider effort to disrupt systems. this seems so global and widespread, is this in another league? it is certainly more sophisticated than the attack we saw a month ago, the wannacry at tack. if companies had systems which are up to date this would not be an issue for them. there are patches available which would have prevented this attack harming companies. while wannacry should have been a huge wake—up call, the companies around the world, not all heeded that morning and did something about it. while it isa and did something about it. while it is a sophisticated attack, not enough lessons were learnt previously. 2008 is ago, 96 men, women and children —— 96 years ago, liverpool fans were caught in a crush when their team were playing. today, f