Got a TV Licence?

You need one to watch live TV on any channel or device, and BBC programmes on iPlayer. It’s the law.

Find out more
I don’t have a TV Licence.

Summary

  1. US stocks unfazed by cyber attack
  2. Over 29,000 institutions hit in China
  3. No evidence so far of a second round of cyber attacks
  4. Microsoft: cyber-attack a wake-up call
  5. Some NHS trusts still affected
  6. Get in touch: bizlivepage@bbc.co.uk

Live Reporting

By Daniel Thomas

All times stated are UK

Get involved

Good night

Thanks for tuning in to Business Live. We'll be back tomorrow at 6am sharp.

S&P and Nasdaq hit fresh records

The S&P 500 and Nasdaq finished at records on Monday after an agreement between major oil exporters boosted crude prices and petroleum-linked shares. 

 At the closing bell, the S&P 500 stood at 2,402.34 points, up 0.5%, and the Nasdaq reached 6,149.67, also up 0.5%

The Dow Jones Industrial Average rose 0.4% to 20,982.28. 

Murray - the start-up VC?

Andy Murray
Getty Images

Tennis star Andy Murray has backed two British start-up companies on the crowdfunding platform Seedrs. 

The world number one has invested undisclosed sums into tech start-up Den and helmet maker Morpher, taking the Scot's portfolio on Seedrs to more than 20 companies.

Morpher's helmets fold and unfold, and are aimed at cyclists who do not wear a helmet because they are too cumbersome to carry. It has raised more than £659,000 from almost 400 investors on Seedrs. 

Den meanwhile is a smart home system that can help users saves electricity and alert you when you've left your lights on. It has now raised more than £2.1m from more than 1,150 investors.

Murray said: “Den is exactly the kind of innovative smart technology households around the globe will utilise in the future, and Morpher is a product that the modern cyclist should own - one that has been dutifully perfected by an award-winning inventor.”

Snap shares jump 7% on investor disclosures

Snap
Getty Images

Shares in Snap  - the owner of Snapchat  - have jumped 7% after several major investment houses disclosed they held stakes.

Regulatory filings showed hedge funds including Third Point, Citadel Advisors and Och-Ziff Capital Management each owned shares in the firm as of 31 March.

Investment funds Fidelity Management & Research, T Rowe Price, BlackRock and Vanguard also held stakes in the company, filings showed. 

Shares in Snap jumped after its IPO last year, but have since plummeted on fears of slowing user growth and mounting competition from Facebook.

Philadelphia sues Wells Fargo over lending practices

A Wells Fargo branch
Getty Images

More bad news for Well Fargo. The City of Philadelphia is suing the bank, accusing it of predatory mortgage lending practices.

Philadelphia accuses Wells Fargo of having steered minority borrowers into higher-cost, riskier loans than white borrowers, even if they qualified for loans with more relaxed terms. It also said the bank had refused to let minority borrowers refinance.

Wells Fargo called the claims unsubstantiated and vowed to "vigorously" defend its record.

It adds to legal woes afflicting the US bank, which has since September been beset by a scandal over its employees' creation of unauthorised customer accounts to meet sales targets.

How do you remove the Wannacry ransomware?

It's not easy says BBC correspondent Rory Cellan-Jones

List of German firms hit by ransomware grows

Berlin
Getty Images

More German institutions were affected by the WannaCry attack than initially thought, the German federal cyber agency, BSI, has said.  

It also said it expected additional variants of the virus to surface. 

BSI President Arne Schoenbohm urged companies hit by the virus to report attacks through normal confidential channels and avoid payments to hackers under any circumstances. 

Since Friday, the attacks have infected around 200,000 PCs in 100 countries, locking user data and demanding a ransom for its release. 

No US federal agencies hit by ransomware

No federal systems were affected by the ransomware attack, according to President Donald Trump's top cyber and homeland security advisor, Tom Bossert.

He added that the "less than $70,000" of ransom money paid to release data locked by the virus worldwide appears not to have "led to any data recovery".

AB InBev plans $2bn investment in the US

Budweiser bottle
Getty Images

AB InBev plans to invest $2bn in the US in the next few years, as it tries to bolster flagging sales of its core brands in the face of rising competition from craft beer. 

The firm, which recently bought rival SABMiller for nearly $100bn, says it will invest close to $500m this year in its supply chain and expanding its breweries. It will also push further into non-alcoholic drinks.

Sales of its best known tipple, Budwiser, have been falling in the US as consumers opt for more complex tasting craft beers. AB InBev has tried to adapt by taking over more than ten independent brewers since 2011. 

AirAsia agrees deal for China budget airline

Simon Atkinson

Asia Business Reporter

AirAsia
Getty Images

In 1982 there were fewer than four million air passenger journeys made within China. Last year, that number had reached 487 million.   

And it's this booming demand for domestic air travel that has prompted AirAsia to sign a joint venture agreement to set up a new low-cost carrier in China. 

Based in the central eastern city of Zhengzhou, the airline will be run in partnership with the Everbright Group. 

AirAsia already has businesses in Malaysia, Thailand, Indonesia, Japan, Philippines and India. 

"This Chinese venture represents the final piece of the AirAsia puzzle," said chief executive Tony Fernandes, adding it "closes the loop" in the region.

Banks tighten security

The City
Getty Images

Banks have tightened their security systems and increased their surveillance after the global cyber attack.

Russia's Sberbank, the country's biggest lender, said viruses had not got into its systems but it was nonetheless "on high alert". 

Germany's savings banks, the largest and most powerful financial group in the country, received reminders from the group's information technology company to install updates. 

According to Reuters, one large British bank said they had drafted people in to work over the weekend, having been subject to a similar attack earlier this year. 

Spanish banks La Caixa, Bankinter and Sabadell said they had all taken measures. 

And India's IndusInd Bank said on Monday the attack had affected a few systems, but those had been quarantined over the weekend and it had moved quickly to patch its systems. 

Banks generally have more robust cyber defences than other sectors, because of the sensitive nature of their businesses - however some have lost money following cyber attacks. 

Bad bitcoin?

Times economics editor Philip Aldrick tweets:

View more on twitter

NHS attack - 'disruption continues'

BreakingLister Hospital diverts patients

PA news reports that the Lister Hospital in London is diverting trauma cases to Addenbrooke's Hospital, part of Cambridgeshire University Hospitals; stroke patients to Luton and Dunstable Hospital NHS Foundation Trust; and coronary care to Papworth Hospital. 

The hospital is one of two still diverting patients after the major cyber attack that struck over the weekend - down from seven. The other is Broomfield Hospital, part of Mid Essex Hospital Services NHS Trust (Midlands & East).

Speaking of the NHS as a whole, Dr Anne Rainsberry, national incident director, said: "There are encouraging signs that the situation is improving."

US cyber security shares jump

Trader
Getty Images

As we reported earlier, shares in UK cyber security firms jumped today following the global ransomware attack - and now the same appears to be happening in the US.

Both FireEye and Proofpoint are up by more than 8%, while Symantec and Palo Alto Networks have gained almost 4%.

According to analysts at Wedbush, the attack will "refocus IT attention on updating security infrastructure and procedures" and benefit providers in email, network and endpoint security.

Global manhunt for WannaCry creators

Poor payrises linked to productivity problem

Payrises this year will be just 1%, according a survey of 1,000 firms by HR body the Chartered Institute of Personnel and Development (CIPD) and the employment agency Adecco Group.

That is the lowest figure for three years and well below the current 2.3% inflation rate - a figure that is expected to rise sharply on Tuesday when April's figure is published. 

So why are payrises so low?

CIPD chief executive Peter Cheese says the issue is the perennial productivity problem - that as a nation we continue to lag, ranking just 17th or 18th in the G20 countries listing. 

He says that firms need to invest more in training to ensure staff can contribute more. 

Cyber attacks - what businesses need to know

Cybersecurity graphic
Getty Images

Paula Barrett, a partner at Eversheds, says that when it comes to data breaches, it’s a case of "when, not if" given the ease with which ransomware can now be purchased.

She advises firms to have a contingency plan in place. Here are some of her tips: 

  • Have a crisis response team ready and geared up for communications to employees, clients and wider public
  • Mock events can be an invaluable way of stress-testing safety processes, as well as training those who will be called upon to be making the decisions in the event of a crisis
  • Team members should be drawn from across the organisation - from the legal team to IT, communications and HR as well as senior managers and, ideally, someone from the board
  • Wider reporting requirements need to be understood in advance: external reporting may be mandatory for some regulated and listed businesses, public authorities, utilities and others; you may need to act within hours
  • Understand your insurance position - are you covered and do you need to notify your insurers? Don’t assume you will be - this has to be looked at in advance

Indian state power company hit by ransomware attack

Chris Baraniuk

Technology reporter

Central Delhi
Getty Images

While officials in India have said the country largely escaped the WannaCry outbreak, there have been some victims. Notably, a state power company in West Bengal was reported to have suffered from ransomware infections. 

The local power minister said WannaCry had been detected on computers used in billing centres at the Electricity Distribution Company. As a result, billing for 800,000 households has been affected.

Earlier in the day, it had been reported that the Reserve Bank of India had advised banks to take special precautions to stop the ransomware spreading. It suggested updating the software in ATMs before turning them on.

Corbyn rails against cyber attack

Corbyn at rally
Getty Images

Attendees at a Labour election rally earlier made their feelings known about the cyber attack. The crowd gathered Brudenell Social Club booed en masse, as Mr Corbyn railed against the attack on the NHS over the weekend.   

Australia 'dodged' malware crisis

Sydney, skiline
Getty Images

At least eight Australian businesses have been affected by the Wannacry virus, the Sydney Morning Herald reported today - although the Prime Minister's senior cybersecurity advisor said the country may have "dodged" the worst of the emergency because it started after Australian working hours on Friday.

Cybersecurity adviser Alastair MacGibbon said the worst of the attack fell while most Australians were asleep or not at their computers, likely limiting the impact. "But this is not game over for us," he warned.

Minister Dan Tehan, said all public service in Australia had been told to update their security systems, and the government was "reasonably confident that all required patching and security upgrades were in place".

New FTSE record

Traders, UK
Getty Images

A brief bit of business news now: London's FTSE 100 has closed at a new record high of 7,454.37 points.

That follows the previous record set by the index just last Friday.

Oil companies were boosted after energy ministers from Russia and Saudi Arabia took further steps to tackle oversupply in the market by extending production cuts from the middle of 2017 until March next year.

Anglo American, however, was the biggest riser, up 3.2%, while travel operator TUI slipped 4.8% following disappointing results, making it the biggest faller.

Russian railways, health ministry come under attack

A Russian train
Getty Images

The state-owned Russian Railways company confirmed that its "IT-system was subject to a virus attack", adding that "the virus has been localised and the work is under way to destroy it and renew means of anti-virus protection". 

Its passenger and freight transportation were unaffected by the incident, according to state-owned TASS news agency on 15 May.

The Russian Health Ministry said it had managed to "swiftly" fend off cyber-attacks on its servers and "close vulnerabilities", RIA Novosti quoting its representative Nikita Odintsov as saying.

Attack highlights 'fragility of infrastruture'

John Clark, professor of computer and information security at the University of Sheffield, says the WannaCry ransomware attack has highlighted the "fragility" of our national critical infrastructure. 

"In many ways we should think ourselves lucky: if this was, as seems the case, an indiscriminate attack (ie some poorly judged actions caused IT services within the NHS to contract the disease, so to speak), think what an informed targeted attack might have! 

"This is a wake up call for the NHS and indeed for major organisations everywhere. If this is what an accidental compromise looks like, it would be prudent to worry about what a deliberate attack might cause." 

Only one Renault plant still affected by cyber attack

Renault logo
Getty Images

Renault-Nissan says the only one of its plants still affected by the global ransomware attack is Douai, in northern France, where manufacturing remains suspended.

The attack halted or reduced the output of at least five Renault sites over the weekend, including the huge Sunderland plant in the UK.

The firm said lost production would be made up, but the financial impact was yet to be calculated. 

Breaking'Small number' of US victims

A small number of US critical infrastructure operators have been affected by the global ransomware worm, but there has been no significant disruption in their work, a Department of Homeland Security said.

There have been no victims of the cyber attack within the US federal government at this time, he added

WannaCry some more...

BBC Monitoring

News from around the globe

Two new modifications of WannaCry malware appeared over the weekend, IT firm Kaspersky Lab has told Russian news agency Interfax. 

They were probably created not by the developers of the original virus but by "other payers in the world of cybercrime", a Kaspersky staffer told Interfax.

Wall Street unfazed by cyber attack

Wall Street traders
Getty images

US stocks are up in early trade, having shrugged off the impact of the cyber attack that hit many firms and state agencies this weekend. 

The S&P 500 is up 0.40%, the Dow Jones is up 0.37% and the Nasdaq is 0.41% higher, thanks largely to a strong showing from oil-linked shares.

Oil prices jumped 2% on Monday after Russia's energy ministry released a joint statement with Saudi Arabia calling for a continuation of a deal to restrain production ahead of an Opec meeting on 25 May. 

Chevron is up 1.17%, Halliburton 2.34%, and Devon Energy 1.3%.

Why has so little Bitcoin ransom been paid?

A Bitcoin graphic
Getty Images

According to Elliptic Enterprises, a London-based company that tracks illicit use of bitcoin, just $50,000 has been paid in ransom following Friday's cyber attack. But why so little?

According to Bloomberg, one reason could be that many people don't know how to use Bitcoin, the crypto currency in which victims must pay their ransom. 

The process of making a payment is complex and can take days, says Elliptic. 

First, a person or business has to obtain some bitcoin by registering with one of the various online exchanges and going through its verification process. 

After that, money can be deposited into the exchange - although for those living in countries that don’t have an exchange, such as the UK, money must be converted into another currency first.

Organisations advised 'not to pay'

The World at One

BBC Radio 4

Organisations are being strongly advised not to pay any ransoms in response to the ransomware attack. 

Ciaran Martin, Chief Executive of the National Cyber Security Centre which is part of GCHQ, says that globally, there is a market in targeting many, often private sector companies. 

Mr Martin told Radio 4's World At One that the Department of Health and the NHS are very clear that affected bodies in the UK will not pay.  

NHS Digital update

Companies 'must be prepared' for cyber attacks

Hands on keyboard
Getty Images

Michelle Crorie - a specialty insurance legal expert and partner Clyde & Co - says companies need to be prepared in the event of a cyber attack.

She says: "By its very nature, a cybercrime incident will almost always be a race against time where decisions must be taken quickly to minimise the financial and reputational loss to the company. 

"Companies that don't adequately prepare face a real risk that directors and officers may fall short of their duties if they are found to have left their companies unprepared to respond to a cyber incident." 

She says this may not only have an impact on their companies' bottom line, but also expose directors themselves to fines, prosecution or civil proceedings. 

She also advises companies have insurance and legal cover in place.

NHS trusts were sent details of security patch in April

NHS logo
Getty Images

Weeks ago, health trusts across England were sent details of an IT security patch that would have protected them from the ransomware attack, it has emerged.

NHS Digital - which oversees the health service's IT systems - said it had issued a targeted update on a secure portal accessible to NHS staff on 25 April, alerting them to the need to update their systems.

It then sent a bulletin to more than 10,000 security and IT professionals on 27 April, alerting them to the issue. 

The attack has left 47 NHS organisations affected with malware in their system, ranging from hospital trusts to commissioning support units. Seven hospital trusts are still experiencing serious problems.

India 'largely escapes' ransomware attack

Indian computer users
Getty Images

India has said that its vital computer systems largely escaped the global ransomware attack that struck over the weekend.

That's because the state organisation that manages almost all government websites actively installed patches to immunise its Windows systems.

Aruna Sundararajan, secretary of India's Ministry of Electronics and Information Technology, told Reuters the government was monitoring the situation and that a few stand-alone computers of a police department were "back in action" after being infected over the weekend. 

The attack has been less severe than anticipated in Asia, but industry professionals have said countries in the region remain vulnerable. 

No new UK cases

The World at One

BBC Radio 4

Ciaran Martin, chief executive of the National Cyber Security Centre, says there have been no new cases in the UK arising from Friday's cyber-attack. 

He tells BBC Radio 4's World at One: "Across the globe, events today have been at the lower end of our expectations. Presently we're not confirming any new cases arising from Friday's attack, we're continuing to investigate a small number of potential cases, but there is nothing new to report." 

He added there was still no evidence to suggest patient data had been stolen as a result of the attack.

Business update: Oil prices; Google self-drive; Air Asia

Oil field
Reuters

For readers logging onto these pages for the latest business news, here is a selection of the main stories outside of the cyber-attack:  

  • Oil prices have jumped 2% to $52.20 after Saudi Arabia and Russia said a deal to cut production should be extended. The rise sent energy shares higher, helping the UK's FTSE 100 index hit a new record high in morning trade.
  • Waymo, the self-driving car unit of Google's owner is partnering with ride hailing firm Lyft. The move is set to escalate a rivalry between Waymo and Uber, which are fighting a court battle over self-driving technology.
  • Budget airline AirAsia has signed a joint venture agreement to set up a new low-cost carrier in China. Chief executive Tony Fernandes said the deal completes the airline's presence in the region.

Why have hospitals been hit?

Chris Baraniuk

Technology reporter

NHS ward
PA

Hospitals in the UK’s National Health Service aren’t the only ones to have suffered at the hands of WannaCry. There have also been reports of hospitals in China, Indonesia, Canada and Ireland that have been “threatened” by the ransomware outbreak. 

In some cases, including Indonesia and the UK, this has resulted in service to patients actually being disrupted.

Cyber-security experts say that hospitals are classic examples of institutions that find it difficult to maintain IT security. 

This is because the recommended procedure of patching software to protect it from threats like ransomware actually has complications associated with it. For example, hospital technicians generally want to avoid unnecessary updates in case they disrupt important systems, such as medical devices.

Three hospitals in Ireland hit

Three hospitals in Ireland have also been affected by the cyber attack, it's just been announced. 

However, a spokeswoman for the Republic's Health Service Executive (HSE) says they are not naming the hospitals affected.

"It's just to allow the hospitals themselves to deal with it and so that patients are not unduly concerned. Patient care is broadly unaffected," she says. 

What's a worm?

worm picture
Getty Images

The ransomware attack is being referred to as a worm, but what does this actually mean? 

Just in the way that worms can wriggle their way discretely into small nooks and crannies, a worm virus can spread from device to device.

But unlike a virus they don’t need to attach themselves to other programs. Worms can copy themselves hundreds of times, so they can very quickly harm your device and other devices. 

A worm might copy itself onto your email account for example and then send a copy to all of your email contacts.