A global cyberattack is using a leaked NSA exploit to take down hospitals and telecoms companies

There's a massive series of cyberattacks across the globe right now — and leaked malware developed by the NSA seems to be to blame.

Ransomware, software that encrypts the victim's data and demands a ransom to unlock it, has spread across a dozen countries, from England to Japan.

Among the organisations affected are Spanish telecoms giant Telefónica (which told employees today to stop working and shut down their computers, according to Spanish newspaper El Mundo), and the National Health Service (NHS) in the UK.

At least 15 NHS organisations around the UK have been affected, causing utter chaos. Hospitals have been closed and operations cancelled at short notice, and medical staff have resorted to pen and paper to work. Logistics firm FedEx has also been affected, according to the BBC.

Both NHS and Telefónica confirmed the attacks. They both said they had been hit by versions of the "WannaCry" ransomware — malicious software which encrypts the information on a device, then demands a ransom to return it. According to user reports on Twitter, the ransomware asks users to pay $300 in Bitcoin.

The reason for the malware's virulent spread appears to be its use of an exploit of Windows software developed by the National Security Agency (NSA), an American spy agency. The exploit was leaked online months ago and patched by Microsoft — but those affected seem not to have updated their software to install the fix.

According to The New York Times, the malware has been detected in at least 12 countries.

Some 85% of Telefónica's computers have reportedly been affected. Portugal Telecom (PT) has also been affected, though a spokeswoman didn't say whether it was a WannaCry attack. The company said its systems hadn't been affected, according to Reuters.

Spain's national computer response team, CN-CERT, issued an advisory about the attacks.

On Friday, CCN-CERT, the Spanish computer emergency response team, published an advisory linked to the ransomware attacks.

"The ransomware, a version of WannaCry, infects the machine by encrypting all its files and, using a remote command execution vulnerability through SMB, is distributed to other Windows machines on the same network," the organisation wrote. They also point to a patch from Microsoft.