Weekly News

Everything you need to know about the massive cyberattack that is crippling the NHS

May 13,2017 13:06

"It's actually a nightmare" one NHS employee told Business Insider. "Everyone is phone calling all over the place and resorting back to paper to make sure people don't miss out." Barts Health in London was on Friday redirecting ambulances to other ...and more »

Mike Egerton/PA Wire/PA Images
Appointments and operations have been cancelled as a result of a major cyberattack on the NHS. ck.
At least 45 NHS organisations across England and Scotland have been affected.
NHS contract with Microsoft to update patches on Windows XP expired in 2015 despite warnings that systems would be left vulnerable to attack.
It has plunged the British health service into chaos, with doctors forced to use pen and paper to work.
Opponents accuse the government of scrimping on security.
This is a developing story. If you are an NHS employee, a patient, or have you been affected today, get in touch: abienkov@businessinsider.com
LONDON — Britain's health services are today struggling to recover its computers systems after a huge ransomware attack hit around 40 NHS organisations on Friday.
Routine operations and appointments were cancelled at trusts across England with ambulances being diverted from some hospitals. Eleven of Scotland's 14 NHS health boards were also affected.
IT specialists are working round the clock to restore NHS computer systems hit by Friday's ransomware attack.
The head of the UK's cyber security agency, Ciaran Martin, said they were doing "everything in our power" to get "vital services" back up and running.
The attack has also affected around 100 other countries around the world.
Here's everything you need to know about the attack:
What has happened to NHS computer systems?
NHS computer systems in hospitals, trusts and some GP surgeries have been hit by a crippling "ransomware" attack which has encrypted all data on affected computers. The virus, which is spread by opening attachments in emails, renders vital systems inoperable. NHS staff were faced with the following message requesting payment to restore their computers. 
The message reads: "Ooops, your files have been encrypted! Many of your documents, photos, videos, databases and other files are no longer accessible because they have been encrypted. Maybe you are busy looking for a way to recover your files, but do not waste your time. Nobody can recover your files without our decryption service." 
"It's actually a nightmare" one NHS employee told Business Insider. "Everyone is phone calling all over the place and resorting back to paper to make sure people don't miss out." Barts Health in London was on Friday  redirecting ambulances to other hospitals . 
Should I still attend my local hospital?
NHS England are advising that all patients requiring emergency treatment should attend hospital as they normally would. For everyone else, they are advising that you should "use the use the NHS wisely while we deal with this major incident". 
In a statement, Dr Anne Rainsberry, NHS Incident Director, said: "We’d like to reassure patients that if they need the NHS and it’s an emergency that they should visit A&E or access emergency services in the same way as they normally would and staff will ensure they get the care they need. More widely we ask people to use the NHS wisely while we deal with this major incident which is still ongoing. NHS Digital are investigating the incident and across the NHS we have tried and tested contingency plans to ensure we are able to keep the NHS open for business."
Will my personal medical data have been compromised?
The NHS say they have "no evidence" that personal medical data has been compromised. All the signs are that this attack is designed purely to obtain money from the operators of whichever systems are affected, rather than targeted specifically at the NHS or its users.
In a statement on Friday, an NHS digital spokesperson said: "A number of NHS organisations have reported to NHS Digital that they have been affected by a ransomware attack. The investigation is at an early stage but we believe the malware variant is Wanna Decryptor. This attack was not specifically targeted at the NHS and is affecting organisations from across a range of sectors. At this stage we do not have any evidence that patient data has been accessed.
"NHS Digital is working closely with the National Cyber Security Centre, the Department of Health and NHS England to support affected organisations and ensure patient safety is protected. Our focus is on supporting organisations to manage the incident swiftly and decisively, but we will continue to communicate with NHS colleagues and will share more information as it becomes available."
The Home Secretary Amber Rudd told the Today Programme on Saturday: "At the moment we are clear that no patient data has been accessed or transferred in any way. That is the information we have been given."
Who was behind the attack?
The identity of the attackers has not yet been confirmed. However, the "ransomware" used for the attack is believed to have been updated with Windows exploits created by NSA, the US spy agency. These were leaked online — and subsequently made their way into the hands of criminals.
Peter Byrne/PA Wire/PA Images
Ciaran Martin, head of the UK's cyber security agency, told the BBC: "It's important to understand that cyber attacks can be different from other forms of crime in that their sometimes highly technical and anonymous nature means it can take some time to understand how it worked, who was behind it and what the impact is.
"But our commitment is we will be as open as we can be, as soon as we can be, as our investigation continues."
Amber Rudd told the BBC: " It wasn't targeted at the NHS."
"We know from the type of virus it is, that it feels random in terms of where it's come from and where it has been opened.
Asked whether an international criminal gang could have been behind it, she replied: "It could be. It is the type of virus though that works particularly effectively for the promoters of the virus, between systems that are connected to each other, so its more likely to impact on larger organisations than individuals...
"It is not so much about stealing data as holding it to ransom."
Could this happen again?
Ministers have been repeatedly warned that large parts of NHS IT infrastructure were running on outdated operating systems that were no longer supported by the latest anti-virus software.
Freedom of Information requests last sumer revealed that trusts across the country were still using Windows XP, despite a government contract with Microsoft to update protections for the system having expired a year earlier.
The government were aware of the problem as early as 2014, with the Cabinet Office writing to NHS trusts that they should "clearly understand the risk" of being left unprotected.
The largest health trust in the country,  Barts Health Trust, was hit by another ransomware earlier this year.
The Home Secretary said on Saturday that "lessons would be learned" from the attack.
"We will have to look at [new protections] when  we have contained this and are out of the danger zone.
Asked why the virus had only affected some organisations and regions in the country but not others, she replied:
"There will be lessons to learn and that will be one of them. Why are certain regions affected and others not? Is it to do with the software? Is it to do with better IT? Is it because people in some areas are following good advice downloading anti-virus software making sure patches are up to date and backing up data. That's all elements we will have to look at.
Asked whether reports that up to 90% of NHS computer systems were still using Windows XP rather than the latest, safer operating symptoms, Rudd was unable to confirm, but added that "Windows XP is not the best platform [for securing data]."
The government's opponents have been quick to point the blame at underinvestment in IT security.
"The Conservatives try to paint themselves as the party of law and order but crime has changed and they have failed to keep up," Liberal Democrat Shadow Home Secretary Lord Paddick said.
"Instead of investing in the security of the systems that our public services rely on, they have chosen to extend surveillance systems instead.  Rather than giving the NHS the funding it needs to keep its IT up to date, you have a Home Secretary who wants to weaken encryption and waste millions on unnecessary intrusion into people's privacy."
Jeremy Corbyn "very angry" NHS systems were left unprotected
Are you an NHS employee, or a patient? Have you been affected today? Get in touch: abienkov@businessinsider.com
This is a developing story...

business cards business business casual business insider business letter format business casual for women business plan template business plan business casual men business analyst

Share this article

Related videos

Cyber attack crippling NHS 'has hit dozens of countries around the world & one of largest ever seen'
Cyber attack crippling NHS 'has hit dozens of c...
Global cyberattack holds Britain’s NHS and businesses worldwide hostage
Global cyberattack holds Britain’s NHS and busi...