Massive malware attack hits UK’s NHS; services disrupted

13 May 2017

The UK's National Health Service across England and Scotland has been hit by a large-scale cyber-attack, in which some hospitals and general practitioners cannot access patient data after their computers were locked by a malicious programme demanding a payment worth £230.

The authorities are treating it as a major incident. Prime Minister Theresa May said on Friday it was part of a wider attack affecting organisations around the world.

There is no evidence patient data has been compromised, NHS Digital has said.

According to the BBC, up to 33 NHS organisations and some GP practices have been affected.

May said that the National Cyber Security Centre (NCSC) was "working closely" with the NHS but agreed that there was no evidence patient data had been compromised.

"We are aware that a number of NHS organisations have reported that they have suffered from a ransomware attack," she said.

The PM added, "The National Cyber Security Centre is working closely with NHS digital to ensure that they support the organisations concerned and that they protect patient safety."

Ambulances have been diverted and there was disruption at some GP surgeries as a result of the attack.

Dr Anne Rainsberry, NHS incident director, said, "We ask people to use the NHS wisely while we deal with this major incident, which is still ongoing."

NHS Digital said the ransomware attack was not "specifically targeted at the NHS" and was affecting other organisations.

A massive ransomware campaign appears to have attacked a number of organisations around the world, the BBC reports.

Telefonica, the Spanish telecoms company, which owns mobile network O2, said it had detected a "cybersecurity incident" but that clients and services had not been affected.

Screenshots of a well known program that locks computers and demands a payment in Bitcoin have been shared online by those claiming to be affected.

The NHS in Wales and Northern Ireland has not been affected.

NHS Digital said the attack was believed to be carried out by the malware variant Wanna Decryptor.

"NHS Digital is working closely with the National Cyber Security Centre, the Department of Health and NHS England to support affected organisations and ensure patient safety is protected.

"Our focus is on supporting organisations to manage the incident swiftly and decisively, but we will continue to communicate with NHS colleagues and will share more information as it becomes available," it said.