Stay up to date with notifications from The Independent

Notifications can be managed in browser preferences.

NHS cyber attack: Edward Snowden says NSA should have prevented cyber attack

The malicious software was developed by the National Security Council and funded by American taxpayers before being leaked 

Chloe Farand
Saturday 13 May 2017 14:24 BST
Edward Snowden said the NSA had been warned it attack tools could be used to target western softwares
Edward Snowden said the NSA had been warned it attack tools could be used to target western softwares

Edward Snowden has blamed the National Security Council for not preventing a cyber attack which infiltrated the computer systems of organisations in 74 countries around the world.

In a tweet, the National Security Council (NSA) whistleblower said: “Despite warnings, @NSAGov built dangerous attack tools that could target Western software. Today we see the cost.”

Dozens of hospital trusts across the UK have been hit by a huge cyber attack, believed to be the biggest of its kind ever recorded, which plunged the NHS into chaos.

The malicious software, which locked up computers and held users' files for ransom, is believed to have been stolen from the NSA and leaked.

Reports say the ransomware is taking advantage of EternalBlue, an exploit used by NSA spies to secretly break into Windows machines.

According to the New York Times, a group calling itself the “Shadow Brokers” began to post software tools that came from the US government’s stockpile of hacking weapons last summer.

The malware, called Wanna Detector, is also believed to have been leaked in WikiLeaks’ Vault 7 release earlier this year.

Mr Snowden said the US Congress should be asking the NSA if it is aware of any vulnerabilities of the software that could be exploited.

"If @NSAGov had privately disclosed the flaw used to attack hospitals when they *found* it, not when they lost it, this may not have happened," he tweeted.

The whistleblower pointed the finger of blame at the NSA and said that if it had disclosed system vulnerabilities, "hospitals would have had years - not months - to prepare".

NHS cyber hack: Five key questions answered

The Times reported this was the first time a cyber weapon developed by the NSA, which was funded by American taxpayers, had been stolen and unleashed against patients, hospitals, businesses and governments.

The US never acknowledged the cyber weapons posted by “Shadow Brokers” belonged to the NSA but it was reportedly confirmed by former intelligence officials.

Mr Snowden said the NSA had been warned of the dangers of building these cyber weapons but now the attack will raise questions over countries’ intelligence services’ ability to prevent the tools from being stolen and turned against them.

Hackers seemingly took advantage of the fact hospitals had not updated their IT systems.

Dr Krishna Chinthapalli, a doctor who predicted a cyber attack on the NHS in an article published just two days ago, has said hackers had been targeting hospitals for a couple of years.

His article, 'The hackers holding hospitals to ransom', published in the British Medical Journal (BMJ) on Wednesday, described NHS organisations as the “ideal victims” of cyber attacks, and said dozens of smaller hacks had happened in the past.

Earlier this week, the BMJ said up to 90 per cent of NHS computers still ran Windows XP and previous reports found public health organisations were using an outdated version of Microsoft Windows that was not equipped with security updates.

Britain's National Cyber Security Centre said teams were working "round the clock" to restore hospital computer systems. The cost of the cyber attack is not yet known.

The attack has been reported in 74 countries, including Ukraine, India, Taiwan, Japan and Spain, with Russia believed to have been hit the hardest.

Join our commenting forum

Join thought-provoking conversations, follow other Independent readers and see their replies


Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in