NHS cyber-attack: GPs and hospitals hit by ransomware

NHS services across England and Scotland have been hit by a large-scale cyber-attack, which is being treated as a major incident.

The prime minister said the incident was part of a wider attack affecting organisations around the world.

Some hospitals and GPs cannot access patient data, after their computers were locked by a malicious program demanding a payment worth £230.

There is no evidence patient data has been compromised, NHS Digital has said.

The BBC understands up to 33 NHS organisations and some GP practices have been affected.

Theresa May said that the National Cyber Security Centre (NCSC) was “working closely” with the NHS but agreed that there was no evidence patient data had been compromised.

“We are aware that a number of NHS organisations have reported that they have suffered from a ransomware attack,” she said.

The PM added: “The National Cyber Security Centre is working closely with NHS digital to ensure that they support the organisations concerned and that they protect patient safety.”

Ambulances have been diverted and there has been disruption at some GP surgeries as a result of the attack.

NHS England said patients in an emergency should go to A&E or access emergency services as they normally would.

Dr Anne Rainsberry, NHS incident director, added: “More widely, we ask people to use the NHS wisely while we deal with this major incident, which is still ongoing.”


Patient safety

NHS Digital said the ransomware attack was not “specifically targeted at the NHS” and was affecting other organisations.

A massive ransomware campaign appears to have attacked a number of organisations around the world.

Telefonica, the Spanish telecoms company which owns mobile network O2, said it had detected a “cybersecurity incident” but that clients and services had not been affected.

Screenshots of a well known program that locks computers and demands a payment in Bitcoin have been shared online by those claiming to be affected.

The NHS in Wales and Northern Ireland has not been affected

NHS Digital said the attack was believed to be carried out by the malware variant Wanna Decryptor.

“NHS Digital is working closely with the National Cyber Security Centre, the Department of Health and NHS England to support affected organisations and ensure patient safety is protected.

“Our focus is on supporting organisations to manage the incident swiftly and decisively, but we will continue to communicate with NHS colleagues and will share more information as it becomes available.”

Source: BBC