Computers in hospitals across England are showing a terrifying message after a cyber attack.

The screen asks users to send money before they can get to their files – which include patients' most sensitive data.

It asks the hospitals to send $300 to a specific bitcoin address, at which point their files will be unlocked.

The ransomware is shocking and horrifying. But it's also well known – as Wanna Decryptor, a piece of software that can be deployed to steal money from people.


It can be used on hospitals and healthcare institutions, but on anyone else too.

Wanna Decryptor is a piece of malicious software that encrypts files on a user's computer, blocking them from view and threatening to delete them unless a payment is made.

The virus is usually covertly installed on to computers by being hidden within innocent-looking emails containing links, which users are tricked into opening.

Once opened, the malware can install on to a system without the user's knowledge.

The virus is then able to encrypt files and block user access to them, displaying a pop-up window on-screen telling users they have been blocked and demanding payment - often via a digital currency such as Bitcoin.

Transactions through digital currencies such as Bitcoin are harder to trace as they do not involve a central banking system to process or confirm transactions, instead relying on other users to do so in a peer-to-peer system, which increases the chances of anonymity.

How to best prevent being hacked

It is possible to remove ransomware such as Wanna Decryptor without payment by using advanced anti-malware software.

The malware can also be removed manually with a computer in "safe mode", however security experts warn this runs the risk of damage to a PC as users must go through sensitive system files in order to find and isolate files created by the Wanna Decryptor software.

Additional reporting by Press Association