Ransomware cyberattack threat lingers as people return to work, turn on computers

Sky News reported Sunday that seven organisations which manage hospital care within England's National Health Service are continuing to divert patients from the emergency room, a figure which an NHS spokeswoman was not able to confirm to AFP.

Researchers discovered at least two variants of the rapidly replicating worm Sunday and one did not include the so-called kill switch that allowed them to interrupt its spread Friday by diverting it to a dead end on the internet.

The US Treasury Department said it will play a "leading role" in protecting the global financial system's IT infrastructure.

A company official said films were still being screened as scheduled and the company was investigating. It said less than 1% of computers were affected, and that the virus was now "localized" and being destroyed.

The attack affected an estimated 45,000 targets globally.

An unrivaled global cyber-attack is poised to continue claiming victims, even as United Kingdom health facilities whose systems were crippled early in the assault are returning to normal operation.

Gas stations: State-run media in China reported that some gas stations saw their digital payment systems shut down, forcing customers to bring cash.

As companies and individuals take stock Monday morning, the focus is turning to protecting against further attacks.

The Scottish Government is confident that no more public services will be affected after it acted to boost computer security in 120 public bodies following the weekend news that 13 health boards in Scotland had been subjected to infection by the Wanna Decryptor ransomware, also known as WannaCry.

"Obviously, they want those tools in order to spy on people of interest, on other countries, to conduct surveillance", Cluley said. These links take the user to fraudulent websites that either steal their login details or start the download of malware on the system. "In cases of genuine (universal resource locators) URLs, close out the email and go to the organisation's website directly through browser", it said.

Even if the user paid the ransom, nothing says that the hacker could not try and attack the same computer once more.

"There are certainly still systems in the government that are running XP", Edelman said. Fortunately, security researchers @benkow_ spotted the domain and Matthieu Suiche registered the kill switch today. He said the situation was under control.

There has been no evidence of the attacks in the Winnipeg Regional Health Authority, but employees have been urged nonetheless to avoid opening any suspicious-looking emails.

He continued: "It is important to emphasise that there is no evidence that patient data has been compromised. We will continue to work with affected (organizations) to confirm this", the agency said.

"As cybercriminals become more sophisticated, there is simply no way for customers to protect themselves against threats unless they update their systems".

It is advisable to upgrade to the latest patch of the Windows operating system to be safe against the attack.

By drawing attention to the shortcomings of legacy computer systems, WannaCry could indirectly drive more demand to companies such as Google and Microsoft that have built massive cloud computing businesses, said Stewart Baker, a former general counsel at the National Security Agency.

Kaspersky said it was "trying to determine whether it is possible to decrypt data locked in the attack - with the aim of developing a decryption tool as soon as possible".

Senior US security officials held another meeting in the White House Situation Room on Saturday, and the Federal Bureau of Investigation and the NSA were working to help mitigate damage and identify the perpetrators of the massive cyber attack, said the official, who spoke on condition of anonymity to discuss internal deliberations.