NHS trusts have been urged by the Home Secretary to upgrade their computer systems as the health service faces a weekend of chaos after a debilitating cyber attack prompted hospitals to cancel and delay treatment for patients across the country on Friday.
Amber Rudd said on Saturday that investigators still do not know where the attack came from but that it “wasn’t targeted at the NHS”.
The National Cyber Security Centre (NCSC) has said it was part of a set of global cyber attacks against “thousands of organisations and individuals in dozens of countries” as it launched a major operation in response.
The Home Secretary said that patient data is secure and that no patient data has been accessed or transferred “in any way”.
At least 30 health service organisations in England and Scotland were infiltrated by the ransomware, while many others shut down servers as a precautionary measure, bringing added disruption yesterday afternoon.
Speaking to BBC’s Radio 4’s Today programme, Rudd said there “will be lessons to learn”, one of which is why certain regions were affected and others were not.
The Tory minister queried whether the breach happened because “people in certain areas are following good advice” and downloading anti-virus software.
It has been reported that 90% of NHS hospitals are still using Windows XP.
Experts have suggested that the 2001 operating system has made the NHS vulnerable to cyber-attacks.
Rudd agreed that Windows XP is not as secure as modern platforms and urged trusts to upgrade their software.
“Cyber-security is a huge industry and it is an area where we can all do better to protect our businesses and our personal information,” Rudd said.
“I would expect NHS trusts to learn from this and to make sure that they do upgrade.”
Despite the huge security breach, the Home Secretary maintained that the UK are global leaders in cyber security.
She said: “We do lead the world in cyber security, but it doesn’t mean that we’re not vulnerable to attacks from people that want to attack us and use the internet and cyber attacks as a vehicle for doing so but let’s look at what is actually happened over the past 24 hours.
“So far, all we have seen is patients inconvenienced, so hospitals, so doctors making changes to their daily life but the fact is that no patient data has yet been accessed and the NHS are brilliantly managing to weave through this disruption.”
Hospitals and GP surgeries are facing a backlog of postponed appointments to contend with this weekend, including operations, once the crisis is brought under control.
As the scale of the security breach became clear on Friday afternoon, ambulances were diverted and patients told to avoid some A&E departments.
Staff reverted to pen and paper and used their own mobiles after key systems were affected, including telephones.
Pictures posted on social media showed screens of NHS computers with images demanding payment of 300 US dollars worth of the online currency Bitcoin, threatening to delete files within seven days.
A malware called Wanna Decryptor was used in the attack, which encrypts files on a user’s computer, blocking them from view.
The virus is usually covertly installed on to computers by hiding within innocent-looking emails containing links, which users are tricked into opening.
Security chiefs and ministers have repeatedly highlighted the threat to Britain’s critical infrastructure and economy from cyber attacks.
A spokesman for NHS Digital, which manages health service cyber security, said: “At this stage, we do not have any evidence that patient data has been accessed.”
In Russia, the Interior Ministry said around 1,000 computers were hit by a cyber attack.
Several companies in Spain were also crippled by ransomware attacks.
Telecoms firm Telefonica was one of those reporting problems, along with courier firm FedEx.
A total of 19 English health organisations reported problems, including hospitals and clinical commissioning groups (CCGs) in London, Blackpool, Hertfordshire and Derbyshire.
United Lincolnshire Hospitals NHS Trust said it was forced to cancel all outpatient, endoscopy, cardiology and radiology weekend appointments across its three hospitals.
In Scotland, 11 geographical health boards, including the ambulance service and acute hospital sites, saw their IT networks infected.
At least one health trust found itself named as a victim of the cyber attack despite actually suffering from an unrelated server problem.
First Minister Nicola Sturgeon has chaired a resilience meeting on the issue.
Last year, the Government established the NCSC to spearhead the country’s defences.
In the three months after the centre was launched, there were 188 “high-level” attacks as well as countless lower-level incidents.
Chancellor Philip Hammond disclosed in February that the NCSC had blocked 34,550 potential attacks targeting UK Government departments and members of the public in six months.