NHS hit by large-scale cyber attack

NHS services across England have been hit by a large-scale cyber attack, with trusts and hospitals in London, Blackburn, Nottingham, Cumbria and Hertfordshire badly affected.

According to a report by the Blackpool Gazette, GPs are resorting to using pen and paper to continue providing services, and phone and IT systems have been shut down.

In a message to a Guardian reporter, one NHS IT worker said: “At approximately 12.30pm we experienced a problem with our email servers crashing. Following this a lot of our clinical systems and patient systems were reported to have gone down.

“A bitcoin virus pop-up message had been introduced on to the network asking users to pay $300 to be able to access their PCs. You cannot get past this screen. This followed with an internal major incident being declared and advised all trust staff to shut down all PCs in the trust and await further instructions.

“This is affecting the east of England and number of other trusts. This is the largest outage of this nature I’ve seen in the six years I’ve been employed with the NHS.”

Among those affected is the East and North Hertfordshire NHS Trust which says it is experiencing problems with computers and phones systems. The trust has postponed all non-urgent activity and is asking people not to come to A&E at the the Lister Hospital in Stevenage.

A statement from the trust read: “Today (Friday, 12 May 2017), the trust has experienced a major IT problem, believed to be caused by a cyber attack.

“Immediately on discovery of the problem, the trust acted to protect its IT systems by shutting them down; it also meant that the trust’s telephone system is not able to accept incoming calls.

“The trust is postponing all non-urgent activity for today and is asking people not to come to A&E - please ring NHS111 for urgent medical advice or 999 if it is a life-threatening emergency.

“To ensure that all back-up processes and procedures were put in place quickly, the trust declared a major internal incident to make sure that patients already in the trust’s hospitals continued to receive the care they need.”

Responding to the ransomware attack, NHS Digital said: "A number of NHS organisations have reported to NHS Digital that they have been affected by a ransomware attack. The investigation is at an early stage but we believe the malware variant is Wanna Decryptor.

"At this stage we do not have any evidence that patient data has been accessed. We will continue to work with affected organisations to confirm this.

"NHS Digital is working closely with the National Cyber Security Centre, the Department of Health and NHS England to support affected organisations, ensure patient safety is protected and to recommend appropriate mitigations. This attack was not specifically targeted at the NHS and is affecting organisations from across a range of sectors.

"Our focus is on supporting organisations to manage the incident swiftly and decisively, but we will continue to communicate with NHS colleagues and will share more information as it becomes available."

Please register to comment on this article