Fourth Ebola case found in Congo city, raising fears of faster spread

FILE PHOTO: Congolese health workers prepare to administer ebola vaccination to residents at a centre in Goma, Democratic Republic of Congo, August 1, 2019. REUTERS/Djaffer Sabiti

GOMA, Democratic Republic of Congo (Reuters) – A fourth case of Ebola has been confirmed in the eastern Congo city of Goma, the government said late on Thursday, raising fears of an acceleration in infections close to the border with Rwanda.

The new case is the wife of a miner who died of the virus earlier this week and who only sought treatment more than a week after starting to show symptoms, authorities said.

“This time … the individual concerned spent time with his family and spent time [being] very symptomatic within the community. So we did expect further cases and we are seeing further cases,” said Margaret Harris, a spokeswoman for the World Health Organization (WHO).

One of the couple’s daughters has also tested positive for Ebola though the government said on Friday two others were negative in preliminary checks. More than 200 people who came into contact with the man have been tracked and 160 of them vaccinated.

An outbreak on Ebola has killed more than 1,800 people in other parts of Democratic Republic of Congo since it was declared one year ago, making it the second-worst on record. Two people have died in Uganda, which also borders Congo, but no registered cases have occurred in Rwanda.

Fears the disease was gaining a foothold in Goma, a city of 1 million people, had subsided after its first case emerged in July but was not immediately followed by more. The new cases confirmed this week were not linked to that first case, authorities said.

BORDER TOWN

Nestled in hilly country at the foot of an active volcano, Goma lies just 7 km (4.5 miles) from Rwanda’s main border town of Gisenyi.

On Thursday, Rwanda briefly shut its border crossings with Congo around the city, after the new cases emerged.

Increased health screenings caused traffic slowdowns at the border, Rwandan Health Minister Diane Gashumba said, hours after Congolese traders had reported it shut. About 45,000 people a day go through the main border post, an immigration official said.

In July, the outbreak was declared an international health emergency by the WHO, but the body said there should be no trade or travel restrictions.

“When you close borders… two things happen: first you get panic, people see this as a signal to start panicking,” Harris told reporters in Geneva.

“Secondly, people who do have symptoms go underground. Because they don’t want to be seen and they do want to continue their daily lives, and so we are even less likely to detect where this virus is moving,” she added.

(Reporting by Fiston Mahamba in Goma, Anna Pujol-Mazzini in Dakar and Stephanie Nebehay in Geneva; editing by Alison Williams, Larry King and Andrew Heavens)

WHO sounds Ebola alarm as risks intensify

A Congolese health worker administers ebola vaccine to a child at the Himbi Health Centre in Goma, Democratic Republic of Congo, July 17, 2019. REUTERS/Olivia Acland

By Tom Miles

GENEVA (Reuters) – The World Health Organization on Wednesday declared Congo’s Ebola outbreak an international health emergency, sounding a rarely used global alarm after the virus threatened to spread to a major city and into neighboring countries.

Despite a highly effective vaccine and a swift international response after it was declared 11 months ago, the outbreak has proved tenacious in an unstable region beset by violence, becoming Congo’s worst ever, with almost 1,700 dead.

A vast campaign of vigilance and vaccination, with almost 75 million screenings, has kept the highly infectious virus almost entirely confined to two provinces in northeastern Congo. The emergency committee of international health experts that advises WHO had thrice declined to declare an emergency.

But this month a pastor died after traveling to Goma, a city of 2 million and a gateway to other countries in the region. On Wednesday, the WHO reported a fisherwoman had died in Congo after four vomiting incidents at a market in Uganda, where 590 people may be sought for vaccination.

“The committee is concerned that a year into the outbreak, there are worrying signs of possible extension of the epidemic,” the committee’s report said.

The committee had been under pressure from many experts who felt the scale of the outbreak and the risks meant it had to be given the emergency status – only the fifth such disease outbreak since the WHO introduced such designations in 2005.

“It shows no sign of coming under control,” said Peter Piot, a member of the team that discovered Ebola and is now director of the London School of Hygiene & Tropical Medicine.

“I hope that today’s decision serves as a wake-up call to drive high-level political action, improved coordination, and greater funding to support DRC in their efforts to stop this devastating epidemic,” he said.

NO BORDER CLOSURES

The previous international emergencies, under a system introduced after the 2004 Asian SARS epidemic, were the 2013-2016 West African Ebola epidemic that killed over 11,300 people, the 2009 flu pandemic, polio in 2014 and the Zika virus that caused a spate of birth defects across Latin America.

The WHO committee’s chairman, Robert Steffen, tempered the outbreak’s designation as an emergency by saying it remained a regional, rather than a global threat, and stressed that no country should react to Ebola by closing borders or restricting trade.

The WHO has warned that the nearby countries of Rwanda, South Sudan, Burundi and Uganda are the most at risk, while Central African Republic, Angola, Tanzania, Republic of Congo and Zambia are in a second tier.

Earlier this week the WHO said hundreds of millions of dollars were needed immediately to prevent the outbreak billowing out of control and costing far more lives and money.

But WHO chief Tedros Adhanom Ghebreyesus, who convened the emergency committee after viewing the Goma case as a “potential gamechanger”, said the designation as an international emergency was not meant to suggest that some countries had been withholding funds and would now unlock them.

One priority was to accelerate the production of the vaccine, which is in short supply. It is produced by Merck and still unlicensed, which means it can only be used in a clinical trial overseen by Congo’s health ministry.

WHO has already begun using smaller doses to ration supplies and the committee recommended taking “all measures to increase supplies”, including contracting supply to other manufacturers and transferring Merck’s technology.

(Reporting by Tom Miles, Kate Kelland and Nairobi newsroom; Editing by Gareth Jones, John Stonestreet and Dan Grebler)

Ten die of MERS in Saudi Arabia among 32 cases in last three months: WHO

The headquarters of the World Health Organization are pictured in Geneva

By Kate Kelland

LONDON (Reuters) – Ten people have died among 32 infected with Middle East Respiratory Syndrome (MERS) in Saudi Arabia since June in a series of clusters of the viral disease, the World Health Organization (WHO) said on Wednesday.

The latest cases, recorded between June 1 and September 16, bring the global total of laboratory-confirmed MERS cases to 2,254, with 800 deaths, the United Nations agency said in a “disease outbreak” statement on its website.

MERS first emerged in humans in Saudi Arabia in 2012 and has since spread to cause outbreaks in dozens of countries around the world. The vast majority of the cases – around 1,800 of them – have been in Saudi Arabia.

The virus MERS can cause severe respiratory disease in people and kills one in three of those it infects. It is thought to be carried by camels and comes from the same family as the coronavirus that caused China’s deadly Severe Acute Respiratory Syndrome (SARS) outbreak in 2003.

Most of the known human-to-human transmission of the disease has occurred in healthcare settings, and the WHO has warned hospitals and medical workers to take stringent precautions to stop the disease from spreading.

The WHO said these latest cases did not change its overall assessment that the virus poses a risk of spreading both within and beyond the Middle East.

“WHO expects that additional cases … will be reported from the Middle East, and that cases will continue to be exported to other countries,” its statement said.

The disease spread into South Korea in 2015 and killed 38 people in a major outbreak. And in its first case in three years, South Korea said last month that a 61-year-old man had been diagnosed with MERS.

Among the 32 latest Saudi cases, 12 were part of “five distinct clusters”, the WHO said. Four of these were within households or families, and the fifth was in a hospital in Buraidah, a city in Qassim Province north of the capital Riyadh.

(Reporting by Kate Kelland, Editing by William Maclean)

Ebola fight has new science but faces old hurdles in restive Congo

A doctor cares for a patient inside an isolate cube at The Alliance for International Medical Action (ALIMA) treatment center in Beni, North Kivu province of the Democratic Republic of Congo September 6, 2018. REUTERS/Fiston Mahamba

By Fiston Mahamba

BENI, Democratic Republic of Congo (Reuters) – When Esperance Nzavaki heard she was cured of Ebola after three weeks of cutting-edge care at a medical center in eastern Democratic Republic of Congo, she raised her arms to the sky with joy and praised the Lord.

Her recovery is testament to the effectiveness of a new treatment, which isolates patients in futuristic cube-shaped mobile units with transparent walls and gloved access, so health workers no longer need to don cumbersome protective gear.

“I started to feel sick, with a fever and pain all over my body. I thought it was typhoid. I took medicine but it didn’t work,” Nzavaki told Reuters in Beni, a city of several hundred thousand, where officials are racing to contain the virus.

“Then an ambulance came and brought me to hospital for Ebola treatment. Now I praise God I’m healed.”

The fight against Ebola has advanced more in recent years than in any since it was discovered near the Congo River in 1976. When the worst outbreak killed 11,300 people in West Africa in 2013-2016, there was no vaccine and treatment amounted to little more than keeping patients comfortable and hydrated.

Now there’s an experimental vaccine manufactured by Merck which already this year helped quash an earlier outbreak of this strain of the virus on the other side of the country in under three months. And there are the cube treatment centers, pioneered by the Senegalese medical charity, ALIMA.

“With this system … where there are not people donning masks, the patients feel reassured and perceive that there is life here,” said Claude Mahoudeau, the coordinator of ALIMA’s treatment center in Beni.

In addition, three experimental treatments have been rolled out for the first time, offering patients additional reason to hope that their diagnosis is not a death sentence.

Yet even the smartest science can do little about the marauding rebel groups and widespread fear and mistrust that could yet scupper efforts to contain Congo’s tenth outbreak of the deadly haemorrhagic fever.

The latest outbreak is so far believed to have killed 90 people since July and infected another 40.

The stakes are high, not just for health reasons. Ebola could complicate Congo’s first democratic change of power, the holding of a Dec. 23 election to replace President Joseph Kabila that is already two years late.

FILE PHOTO: Congolese officials and the World Health Organization officials wear protective suits as they participate in a training against the Ebola virus near the town of Beni in North Kivu province of the Democratic Republic of Congo, August 11, 2018. REUTERS/Samuel Mambo

FILE PHOTO: Congolese officials and the World Health Organization officials wear protective suits as they participate in a training against the Ebola virus near the town of Beni in North Kivu province of the Democratic Republic of Congo, August 11, 2018. REUTERS/Samuel Mambo

REBELLION, FEAR, MISTRUST

The affected North Kivu and Ituri provinces have been a tinder box of armed rebellion and ethnic killing since two civil wars in the late 1990s. Some areas near the epicenter require armed escorts to reach because of insecurity. Two South African peacekeepers there were wounded in a rebel ambush last week.

And last week, authorities confirmed the first death from Ebola in the major trading hub of Butembo, a city of almost a million near the border with Uganda, dampening hopes that the virus was being brought under control.

Insecurity aside, the biggest challenges the government faces could be panic and downright denial, as they were during the catastrophic West Africa outbreak.

“Ebola does not exist in Beni,” resident Tresor Malala said, shaking his head. “For a long time, people got sick with fever, diarrhea, vomiting and they healed. Now someone gets a fever, they get sent to the Ebola treatment center and then they die.”

Taxi driver Mosaste Kala was equally skeptical: “The only people dying are the ones going to the … treatment center.”

Tackling these perceptions will be crucial if authorities are to halt the epidemic.

At a news conference on Saturday, Health Minister Oly Ilunga Kalenga admitted that “community resistance is the first challenge to the response to the epidemic”.

In the district of Ndindi, in Beni, Ebola is spreading due to the community’s reluctance to cooperate with health workers, the ministry says. Some locals have hidden sick relatives or refused to be vaccinated.

The problem, says school teacher Alain Mulonda, many of whose pupils were being kept at home by anxious parents, is that locals have little understanding of Ebola.

“If the population of Beni continues to show this distrust,” he said, “this disease will consume the whole town.”

(Additional reporting by Amedee Mwarabu in Kinshasa and Aaron Ross in Dakar; Writing by Alessandra Prentice; Editing by Tim Cocks, David Evans and Peter Graff)

Flu Spreading Rapidly across the Country, CDC reports increase since Christmas

Weekly report of widespread flu cases throughout the US from the CDC

By Kami Klein

Flu season is upon us and this year according to the CDC, reports do not look good. In states like California, pharmacies are running out of flu medicine, emergency rooms are packed with patients, and the death toll is three times higher now than this time last year.  So far, in that state alone 27 people under the age of 65 have died since October.  And the cases have now spread across the country.   

The flu outbreak covers the entire United States with many hospitals filling to capacity.  Although it has not been called an epidemic yet, this year’s flu season has already spread faster and further than it did last year at this time. The CDC has also reported that during the week of Christmas the flu virus has increased sharply across the nation.  

The Los Angeles Times reported that UCLA Medical Center in Santa Monica are seeing over 200 patients a day in emergency rooms.  Dr. Wally Ghurabi, the ER medical director remarked on what they are seeing daily, “The Northridge earthquake was the last time we saw over 200 patients.”  

Methodist Dallas Medical Center’s emergency room is so overrun with flu cases that it is asking people with non-emergency symptoms to go to urgent care centers or see a primary care physician. And many hospitals have gone into diversion mode having to send ambulances to other hospitals and not accepting flu patients.  

The most prevalent strain of flu that is being reported by public health laboratories is influenza A(H3).  Symptoms come on suddenly and can begin with any of these symptoms; Body Aches, Fever, Headache, Sore Throat, Cough, Exhaustion, Cold like symptoms of Congestion and more frequently in children can include Vomiting and Diarrhea.

According to the CDC, most healthy adults may be able to infect other people beginning 1 day before symptoms develop and up to 5 to 7 days after becoming sick. Symptoms start 1 to 4 days after the virus enters the body. That means that you may be able to pass on the flu to someone else before you know you are sick, as well as while you are sick. Some people can be infected with the flu virus but have no symptoms. During this time, those persons may still spread the virus.

It is vital to note that people with the flu can spread it to others from up to about 6 feet away when those infected cough, sneeze or talk and the droplets land in the mouths or noses of people nearby or are inhaled into the lungs. A person might also get flu by touching a surface or object that has flu virus on it and then touching their own mouth or nose.

If you have been exposed to the flu, being aware of the risk of spreading is vital to slowing down this virus. Encourage family, friends and co-workers to frequent hand washing for at least 20 seconds with soap and water or use an alcohol based hand rub. Frequently touched surfaces such as telephones, computer keyboards, desks, doorknobs, light switches, should be cleaned and disinfected especially if someone ill has been around them.  

Anyone who is sick should stay home! By going to work or school you are only putting others who come into contact with you and their families at risk. Those who are the most vulnerable for this virus to become fatal are the very young, the elderly, and those that have other medical conditions. But there have been reports of healthy adults who are succumbing to this virus.  

Nobody is immune to the flu virus.  Health officials say that it is not too late for a flu shot even though at this time the current vaccine is only 10% effective in avoiding this strain of flu, but are also stating that while the flu shot may not protect you from the getting the flu it can absolutely help in your recovery if you are exposed to it.  

 

NOTE:  Morningside hopes you are taking good care of yourself. For many health items we use here at the ministry that can help you stay at your healthiest, please visit our store!

 

Dengue outbreak kills 300 in Sri Lanka, hospitals at limit

A mosquito landing on a person. Courtesy of Pixabay

COLOMBO (Reuters) – An outbreak of dengue virus has killed around 300 people so far this year in Sri Lanka and hospitals are stretched to capacity, health officials said on Monday.

They blamed recent monsoon rains and floods that have left pools of stagnant water and rotting rain-soaked trash — ideal breeding sites for mosquitoes that carry the virus.

The International Federation of Red Cross and Red Crescent Societies is scaling up emergency assistance to Sri Lanka with the Sri Lanka Red Cross to help contain the outbreak.

“Dengue patients are streaming into overcrowded hospitals that are stretched beyond capacity and struggling to cope, particularly in the country’s hardest hit western province,” Red Cross/Red Crescent said in a statement.

According to the World Health Organization, dengue is one of the world’s fastest growing diseases, endemic in 100 countries, with as many as 390 million infections annually. Early detection and treatment save lives when infections are severe, particularly for young children.

The Sri Lankan government is struggling to control the virus, which causes flu-like symptoms and can develop into the deadly hemorrhagic dengue fever.

The ministry of health said the number of dengue infections has climbed above 100,000 since the start of 2017, with 296 deaths.

“Ongoing downpours and worsening sanitation conditions raise concerns the disease will continue to spread,” Red Cross/Red Crescent said.

Its assistance comes a week after Australia announced programs to help control dengue fever in Sri Lanka.

“Dengue is endemic here, but one reason for the dramatic rise in cases is that the virus currently spreading has evolved and people lack the immunity to fight off the new strain,” Novil Wijesekara, head of health at the Sri Lanka Red Cross said in a statement.

(Reporting by Ranga Sirilal and Shihar Aneez Editing by Jeremy Gaunt.)

Chipotle to reopen Virginia restaurant after norovirus reports

FILE PHOTO - A Chipotle Mexican Grill is seen in Los Angeles, California, U.S. on April 25, 2016. REUTERS/Lucy Nicholson/File Photo

BOSTON (Reuters) – Chipotle Mexican Grill Inc said it will reopen a Virginia restaurant on Wednesday, two days after it was closed due to reports that several customers had fallen ill with suspected norovirus.

Shares of the restaurant chain tumbled more than 4 percent on Tuesday after Chipotle reported the closure. The former high-flying chain is still fighting to repair its reputation and resuscitate its sales after a string of high-profile food safety lapses in late 2015.

Chipotle voluntarily closed the restaurant in Sterling, Virginia, on Monday, according to a health official for the Loudoun County Public Health Department, which has jurisdiction over the restaurant, about 30 miles (48 km) northwest of Washington.

About 13 people became sick last week, according to a website that follows incidents of foodborne illness. Test results are still pending.

Chipotle stock, which traded well above $700 prior to 2015 reports linking the chain to outbreaks of E. coli, salmonella and norovirus, was off 1.4 percent at $369.56 on Wednesday.

“It is unfortunate that anyone became ill after visiting our restaurant, and when we learned of this issue, we took aggressive action to correct the problem and protect our customers,” Chipotle Chief Executive Officer Steve Ells said in a statement.

“While the restaurant was closed, multiple teams performed complete sanitization of all surfaces,” Ells said.

Norovirus, is the leading cause of illness and outbreaks from contaminated food in the United States, according to the Centers for Disease Control and Prevention.

It can spread from person to person, as well as through food prepared by an infected person. It often hits closed environments such as daycare centers, schools and cruise ships. Most outbreaks happen from November to April in the United States.

(Reporting by Lisa Baertlein in Boston; Editing by Jeffrey Benkoe)

Outbreak of hantavirus infections kills three in Washington state

A micrographic study of liver tissue seen from a Hantavirus pulmonary syndrome (HPS) patient seen in this undated photo obtained by Reuters, July 6, 2017. Centers for Disease Control and Prevention/Handout via REUTERS

By Laura Zuckerman

(Reuters) – Five people have been stricken with the rare, rodent-borne hantavirus illness in Washington state since February, three of whom have died, in the state’s worst outbreak of the disease in at least 18 years, public health officials reported on Thursday.

The three fatal cases also mark the highest death toll from hantavirus pulmonary syndrome in Washington state during a single year since the respiratory ailment was first identified in the “Four Corners” region of the U.S. Southwest in 1993.

The disease has been found to be transmitted to humans from deer mice, either through contact with urine, droppings, saliva or nesting materials of infected rodents or by inhaling dust contaminated with the virus.

Victims in the latest outbreak were men and women ranging in age from their 20s to their 50s from four counties across the state, said David Johnson, spokesman for the Washington State Department of Health.

The first diagnosed case this year was in February and the most recent was last month, when the infection killed a resident of Spokane County in the eastern part of the state near Washington’s border with Idaho. Three of the five cases, including another one that proved fatal, were confirmed in the Puget Sound region of King and Skagit counties.

The only common factor among those infected by the disease, which typically kills more than a third of its victims, is that they were all exposed to infected mice, Johnson said.

The last time five confirmed hantavirus cases were diagnosed in Washington state in a single year was in 1999, although just one of those proved fatal, Johnson said.

Washington has reported 49 of the 690 hantavirus cases tallied nationwide from 1993 to January 2016, ranking fifth among 10 Western states that account for the bulk of all documented infections, according to the federal Centers for Disease Control and Prevention (CDC) in Atlanta.

Eighteen infections with four deaths were reported nationally in 2015. The year before, the CDC counted 35 cases, of which 14 were fatal.

The most highly publicized hantavirus outbreak occurred in 2012, when 10 visitors to Yosemite National Park in California were diagnosed with the infection, three of whom died, prompting a worldwide alert. All but one of those were linked to tent cabins later found to have been infested by deer mice.

(Editing by Steve Gorman; Editing by Paul Tait)

New computer virus spreads from Ukraine to disrupt world business

A user takes a selfie in front of a laptop at WPP, a British multinational advertising and public relations company in Hong Kong, China June 28, 2017 in this picture obtained from social media. INSTAGRAM/KENNYMIMO via REUTERS

By Eric Auchard and Dustin Volz

FRANKFURT/WASHINGTON (Reuters) – A computer virus wreaked havoc on firms around the globe on Wednesday as it spread to more than 60 countries, disrupting ports from Mumbai to Los Angeles and halting work at a chocolate factory in Australia.

Risk-modeling firm Cyence said economic losses from this week’s attack and one last month from a virus dubbed WannaCry would likely total $8 billion. That estimate highlights the steep tolls businesses around the globe face from growth in cyber attacks that knock critical computer networks offline.

“When systems are down and can’t generate revenue, that really gets the attention of executives and board members,” said George Kurtz, chief executive of security software maker CrowdStrike. “This has heightened awareness of the need for resiliency and better security in networks.”

The virus, which researchers are calling GoldenEye or Petya, began its spread on Tuesday in Ukraine. It infected machines of visitors to a local news site and computers downloading tainted updates of a popular tax accounting package, according to national police and cyber experts.

It shut down a cargo booking system at Danish shipping giant A.P. Moller-Maersk <MAERSKb.CO>, causing congestion at some of the 76 ports around the world run by its APM Terminals subsidiary..

Maersk said late on Wednesday that the system was back online: “Booking confirmation will take a little longer than usual but we are delighted to carry your cargo,” it said via Twitter.

U.S. delivery firm FedEx said its TNT Express division had been significantly affected by the virus, which also wormed its way into South America, affecting ports in Argentina operated by China’s Cofco.

The malicious code encrypted data on machines and demanded victims $300 ransoms for recovery, similar to the extortion tactic used in the global WannaCry ransomware attack in May.

Security experts said they believed that the goal was to disrupt computer systems across Ukraine, not extortion, saying the attack used powerful wiping software that made it impossible to recover lost data.

“It was a wiper disguised as ransomware. They had no intention of obtaining money from the attack,” said Tom Kellermann, chief executive of Strategic Cyber Ventures.

Brian Lord, a former official with Britain’s Government Communications Headquarters (GCHQ) who is now managing director at private security firm PGI Cyber, said he believed the campaign was an “experiment” in using ransomware to cause destruction.

“This starts to look like a state operating through a proxy,” he said.

ETERNAL BLUE

The malware appeared to leverage code known as “Eternal Blue” believed to have been developed by the U.S. National Security Agency.

Eternal Blue was part of a trove of hacking tools stolen from the NSA and leaked online in April by a group that calls itself Shadow Brokers, which security researchers believe is linked to the Russian government.

That attack was noted by NSA critics, who say the agency puts the public at risk by keeping information about software vulnerabilities secret so that it can use them in cyber operations.

U.S. Representative Ted Lieu, a Democrat, on Wednesday called for the NSA to immediately disclose any information it may have about Eternal Blue that would help stop attacks.

“If the NSA has a kill switch for this new malware attack, the NSA should deploy it now,” Lieu wrote in a letter to NSA Director Mike Rogers.

The NSA did not respond to a request for comment and has not publicly acknowledged that it developed the hacking tools leaked by Shadow Brokers.

The target of the campaign appeared to be Ukraine, an enemy of Russia that has suffered two cyber attacks on its power grid that it has blamed on Moscow.

ESET, a Slovakian cyber-security software firm, said 80 percent of the infections detected among its global customer base were in Ukraine, followed by Italy with about 10 percent.

Ukraine has repeatedly accused Moscow of orchestrating cyber attacks on its computer networks and infrastructure since Russia annexed Crimea in 2014.

The Kremlin, which has consistently rejected the accusations, said on Wednesday it had no information about the origin of the attack, which also struck Russian companies including oil giant Rosneft <ROSN.MM> and a steelmaker.

“Unfounded blanket accusations will not solve this problem,” said Kremlin spokesman Dmitry Peskov.

Austria’s government-backed Computer Emergency Response Team (CERT) said “a small number” of international firms appeared to be affected, with tens of thousands of computers taken down.

Microsoft, Cisco Systems Inc and Symantec Corp <SYMC.O> said they believed the first infections occurred in Ukraine when malware was transmitted to users of a tax software program.

Russian security firm Kaspersky said a news site for the Ukraine city of Bakhumut was also hacked and used to distribute the ransomware.

A number of the victims were international firms with have operations in Ukraine.

They include French construction materials company Saint Gobain <SGOB.PA>, BNP Paribas Real Estate <BNPP.PA>, and Mondelez International Inc <MDLZ.O>, which owns Cadbury chocolate.

Production at the Cadbury factory on the Australian island state of Tasmania ground to a halt late on Tuesday after computer systems went down.

(Additional reporting by Jack Stubbs in Moscow, Alessandra Prentice in Kiev, Helen Reid in London, Teis Jensen in Copenhagen, Maya Nikolaeva in Paris, Shadia Naralla in Vienna, Marcin Goettig in Warsaw, Byron Kaye in Sydney, John O’Donnell in Frankfurt, Ari Rabinovitch in Tel Aviv, Noor Zainab Hussain in Bangalore; Writing by Eric Auchard, David Clarke and Jim Finkle; Editing by David Clarke and Andrew Hay)

More disruptions feared from cyber attack; Microsoft slams government secrecy

Indonesia's Minister of Communications and Information, Rudiantara, speaks to journalists during a press conference about the recent cyber attack, at a cafe in Jakarta, Indonesia

By Dustin Volz and Eric Auchard

WASHINGTON/FRANKFURT (Reuters) – Officials across the globe scrambled over the weekend to catch the culprits behind a massive ransomware worm that disrupted operations at car factories, hospitals, shops and schools, while Microsoft on Sunday pinned blame on the U.S. government for not disclosing more software vulnerabilities.

Cyber security experts said the spread of the worm dubbed WannaCry – “ransomware” that locked up more than 200,000 computers in more than 150 countries – had slowed but that the respite might only be brief amid fears new versions of the worm will strike.

In a blog post on Sunday, Microsoft President Brad Smith appeared to tacitly acknowledge what researchers had already widely concluded: The ransomware attack leveraged a hacking tool, built by the U.S. National Security Agency, that leaked online in April.

“This is an emerging pattern in 2017,” Smith wrote. “We have seen vulnerabilities stored by the CIA show up on WikiLeaks, and now this vulnerability stolen from the NSA has affected customers around the world.”

He also poured fuel on a long-running debate over how government intelligence services should balance their desire to keep software flaws secret – in order to conduct espionage and cyber warfare – against sharing those flaws with technology companies to better secure the internet.

“This attack provides yet another example of why the stockpiling of vulnerabilities by governments is such a problem,” Smith wrote. He added that governments around the world should “treat this attack as a wake-up call” and “consider the damage to civilians that comes from hoarding these vulnerabilities and the use of these exploits.”

The NSA and White House did not immediately respond to requests for comment about the Microsoft statement.

Economic experts offered differing views on how much the attack, and associated computer outages, would cost businesses and governments.

The non-profit U.S. Cyber Consequences Unit research institute estimated that total losses would range in the hundreds of millions of dollars, but not exceed $1 billion.

Most victims were quickly able to recover infected systems with backups, said the group’s chief economist, Scott Borg.

California-based cyber risk modeling firm Cyence put the total economic damage at $4 billion, citing costs associated with businesses interruption.

U.S. President Donald Trump on Friday night ordered his homeland security adviser, Tom Bossert, to convene an “emergency meeting” to assess the threat posed by the global attack, a senior administration official told Reuters.

Senior U.S. security officials held another meeting in the White House Situation Room on Saturday, and the FBI and the NSA were working to help mitigate damage and identify the perpetrators of the massive cyber attack, said the official, who spoke on condition of anonymity to discuss internal deliberations.

The investigations into the attack were in the early stages, however, and attribution for cyber attacks is notoriously difficult.

The original attack lost momentum late on Friday after a security researcher took control of a server connected to the outbreak, which crippled a feature that caused the malware to rapidly spread across infected networks.

Infected computers appear to largely be out-of-date devices that organizations deemed not worth the price of upgrading or, in some cases, machines involved in manufacturing or hospital functions that proved too difficult to patch without possibly disrupting crucial operations, security experts said.

Microsoft released patches last month and on Friday to fix a vulnerability that allowed the worm to spread across networks, a rare and powerful feature that caused infections to surge on Friday.

Code for exploiting that bug, which is known as “Eternal Blue,” was released on the internet last month by a hacking group known as the Shadow Brokers.

The head of the European Union police agency said on Sunday the cyber assault hit 200,000 victims in at least 150 countries and that number would grow when people return to work on Monday.

MONDAY MORNING RUSH?

Monday was expected to be a busy day, especially in Asia, which may not have seen the worst of the impact yet, as companies and organizations turned on their computers.

“Expect to hear a lot more about this tomorrow morning when users are back in their offices and might fall for phishing emails” or other as yet unconfirmed ways the worm may propagate, said Christian Karam, a Singapore-based security researcher.

The attack hit organizations of all sizes.

Renault said it halted manufacturing at plants in France and Romania to prevent the spread of ransomware.

Other victims include is a Nissan manufacturing plant in Sunderland, northeast England, hundreds of hospitals and clinics in the British National Health Service, German rail operator Deutsche Bahn and international shipper FedEx Corp

A Jakarta hospital said on Sunday that the cyber attack had infected 400 computers, disrupting the registration of patients and finding records.

Account addresses hard-coded into the malicious WannaCry virus appear to show the attackers had received just under $32,500 in anonymous bitcoin currency as of (1100 GMT) 7 a.m. EDT on Sunday, but that amount could rise as more victims rush to pay ransoms of $300 or more.

The threat receded over the weekend after a British-based researcher, who declined to give his name but tweets under the profile @MalwareTechBlog, said he stumbled on a way to at least temporarily limit the worm’s spread by registering a web address to which he noticed the malware was trying to connect.

Security experts said his move bought precious time for organizations seeking to block the attacks.

(Additional reporting by Jim Finkle, Neil Jerome Morales, Masayuki Kitano, Kiyoshi Takenaka, Jose Rodriguez, Elizabeth Piper, Emmanuel Jarry, Orathai Sriring, Jemima Kelly, Alistair Smout, Andrea Shalal, Jack Stubbs, Antonella Cinelli, Kate Holton, Andy Bruce, Michael Holden, David Milliken, Tim Hepher, Luiza Ilie, Patricia Rua, Axel Bugge, Sabine Siebold, Eric Walsh, Engen Tham, Fransiska Nangoy, Soyoung Kim, Mai Nguyen and Nick Zieminski; Editing by Mark Heinrich and Peter Cooney)