NHS Suffers Huge Cyber Attack Affecting Hospitals' Emergency Care

'Thanks for delaying emergency patient care & endangering lives'.
|

Hospitals and GP surgeries have been forced to turn away patients after they were hit by a huge cyber attack on Friday.

NHS England has declared a major incident after computer systems are believed to have been hit by a ransomware cyber attack using malware called “Wanna Decryptor”.

The massive cyber hit is part of a wider international attack and there is no evidence that patient data has been compromised, Theresa May said. The attack is believed to have hit 74 countries.

Computers displayed a message saying users must pay a $300 ransom in bitcoin to retrieve files.

Open Image Modal
The message displaying on NHS computers
Twitter

HuffPost UK understands the breach also hit communications and medical staff at some hospitals were forced to rely on handheld radios to communicate.

A total of 39 NHS organisations reported that their IT systems were hit.

The Barts Health group, which manages major central London hospitals including The Royal London and St Bartholomew’s, said it had activated a major incident plan and had canceled routine appointments.

“We are experiencing a major IT disruption and there are delays at all of our hospitals,” it said. “Ambulances are being diverted to neighbouring hospitals.”

Open Image Modal
The Royal London Hospital is among those hit in the cyber attack
PA Archive/PA Images

Dr Anne Rainsberry, NHS Incident Director, said: “We’d like to reassure patients that if they need the NHS and it’s an emergency that they should visit A&E or access emergency services in the same way as they normally would and staff will ensure they get the care they need.

“More widely we ask people to use the NHS wisely while we deal with this major incident which is still ongoing.

“NHS Digital are investigating the incident and across the  NHS we have tried and tested contingency plans  to ensure we are able to keep the NHS open for business.”

Doctors shared details of what happened on Twitter.

One of them included a screengrab of a WhatsApp conversation where someone claimed: “We got a message saying your computers are now under their control and pay a certain amount of money. And now everything is gone.”

Another said the attack was responsible for “delaying emergency patient care & endangering lives”.

One person shared a shot of what appeared to be a threat demanding payment on the screen of NHS computer.

One nurse at a Yorkshire hospital wrote to the BBC: “We were told to disconnect all computers... we’ve also been told our door entry and heating systems may also not work.

“Our directorate is possibly calling a major incident. Some of our equipment is internally networked and that function has been disabled, but we are still able to use them eg blood sugar metres and ventilators. Kettle still working, so we’ll be OK!”

In a statement, NHS Digital said its investigation was at an early stage but there was no evidence patient data had been lost to the hackers.

It added: “This attack was not specifically targeted at the NHS and is affecting organisations across a range of sectors.”

The National Crime Agency is investigating.

The affected NHS organisations are across England and Scotland include NHS trusts in London, Essex, Cumbria, Hertfordshire and Lancashire.

The following hospitals are reported to have been affected so far:

  • Watford General 

  • Southport

  • Blackpool Hospitals

  • Lister Hospital, Stevenage

  • Leicester

  • Northwick Park, north west London

  • Lincoln County Hospital

  • St. Bartholomew and Royal London

  • Aintree Hospital, Liverpool

  • Colchester General Hospital 

  • Broomfield Hospital, Essex

  • Queen’s Hospital, Burton

  • Royal Stoke University Hospital, Staffordshire 

  • Royal Berkshire Hospital

Liverpool GP Dr Chris Mimnagh told The Guardian his surgery could only deal with urgent cases after the attack.

He said: “Unable to access our clinical system – as a precaution our area has severed links to the wider NHS, which means no access to our national systems, no computers means no records, no prescriptions, no results, we are dealing with urgent problems only, our patients are being very understanding so far.”

One tweeter reported the ransomware attack had hit a university lab.

After the attack, there were reports of similar attacks on organisations across Europe. 

Cyber security expert Jakub Kroustek tweeted there were 36,000 detections of the same ransomware.

Spain’s government said a large number of companies, including telecommunications giant Telefonica, had been hit.