At Least 12 Nations Hit by N.S.A. Hacking Tool

Hackers using a tool stolen from the United States government conducted extensive cyberattacks on Friday that hit vast sections of Europe and Asia, severely disrupting Britain’s public health system and wreaking havoc on computers in at least 11 other countries, including Russia.

Hospitals in Britain appeared to be the most severely affected by the attacks, which aimed to blackmail computer users by seizing their data. The attacks blocked doctors’ access to patient files and forced emergency rooms to divert people seeking urgent care.

It was not immediately clear who was behind the attacks, but the acts deeply alarmed cybersecurity experts and underscored the enormous vulnerabilities faced by disjointed networks of computer systems around the world.

“When people ask what keeps you up at night, it’s this,” said Chris Camacho, the chief strategy officer at Flashpoint, a New York security firm tracking the attacks.

The hacking tool was ransomware, a kind of malware that encrypts data, locks out the user and demands a ransom to release it. Security experts say the tool exploited a vulnerability that was discovered and developed by the National Security Agency of the United States.

The tool was leaked by a group calling itself the Shadow Brokers, which has been dumping stolen N.S.A. hacking tools online since last year. Microsoft rolled out a patch for the vulnerability in March, but hackers apparently took advantage of the fact that vulnerable targets — particularly hospitals — had yet to update their systems.

The malware was circulated by email. Targets were sent an encrypted, compressed file that, once loaded, allowed the ransomware to infiltrate its targets.

Reuters reported that employees of Britain’s National Health Service had been warned about the ransomware threat earlier on Friday.

But by then it was already too late. As the disruptions rippled through at least 36 hospitals, doctors’ offices and ambulance companies across Britain on Friday, the health service declared the attack a “major incident,” a warning that local health services could be overwhelmed.

Britain’s health secretary, Jeremy Hunt, was briefed by cybersecurity experts, while Prime Minister Theresa May’s office said she was monitoring the situation.

Mrs. May said later on television that “we’re not aware of any evidence that patient data has been compromised.”

More From The New York Times: