First Australian business infected in global cyber attack

A computer screen shows an error message after Britain's National Health Service was hacked. Photo: AP/Twitter: @fendifille
A computer screen shows an error message after Britain's National Health Service was hacked. Photo: AP/Twitter: @fendifille

A GLOBAL cyber attack that has struck computers across Europe and Asia is believed to have infected its first Australian business, the federal government says.

And more local computer systems are expected to be hit.

The attack has hit more than 75,000 computers in 99 countries.

It has crippled Britain's health system - with stroke victims unable to undergo urgent surgery because their scans could not be accessed - and affected other businesses around the world.

Prime Minister Malcolm Turnbull's cyber security adviser, Alastair MacGibbon, said on Sunday there had been one confirmed incident in Australia, but warned it was likely more computer systems would eventually be hit.

"People going back to work on Monday may switch on their computers and see their systems have been impacted," he said.

"We have one likely incident which is being investigated but we believe there could be more out there."

Mr MacGibbon declined to comment on the identity or type of the business impacted by the unprecedented cyber attack but said it was a small company, which did not provide critical infrastructure.

"The affected company doesn't fall under critical infrastructure, it's not a medical or health service and it is not a big company," he said.

"The most important message we want to get out there is that we haven't seen a wholesale impact like we've seen in Europe and other parts of the world. It appears at this stage, it is unlikely there will be any large-scale ramifications."

Tens of thousands of computer were "locked" - the screens displaying the telltale ransom demand.

Local experts on Saturday scrambled to ensure hospitals and other public facilities did not fall victim to the massive ransomware operation, which had seen patients turned away and operations cancelled in Britain.

A mysterious, Russian-linked group called TheShadowBrokers last month claimed to have stolen the hacking tool, which may then have been acquired by another cyber gang and unleashed in Friday's onslaught.

This particular attack used malicious emails to encrypt a computer's data and demand payment of hundreds of dollars to decode the data.