NHS hospitals across England have been hit with what looks to be a cyberattack with the motivation of extortion. The systems for appointments have been taken down, with the result being that patients are being turned away unless it’s an emergency.
The news largely spread via Twitter, through pictures of the screens of NHS computers with ‘ransomware’ images demanding payment of $300 worth of Bitcoin that said: “Ooops, your files have been encrypted!” BBC tech editor Rory Cellan-Jones tweeted a picture sent to him by a doctor (posted above) reporting “what a London GP sees when trying to connect to the NHS network.”
The affected hospitals are reportedly shutting down all computer systems as a protective measure.
According to NHS Digital, the operator of the booking platform, there is no evidence to suggest that patient data has been compromised. It said the attack was believed to be carried out by the malware variant Wanna Decryptor, issuing a statement that said:
NHS Digital is working closely with the National Cyber Security Centre, the Department of Health and NHS England to support affected organisations and ensure patient safety is protected. Our focus is on supporting organisations to manage the incident swiftly and decisively, but we will continue to communicate with colleagues and will share more information as it becomes available.
According to a BBC report, as many as 25 NHS organizations and some GP practices have been affected. Some hospitals and GPs cannot access patient data, with their computers being locked by a program demanding a payment worth £230.
Theresa May said that the National Cyber Security Centre (NCSC) was “working closely” with the NHS, adding:
We are aware that a number of NHS organisations have reported that they have suffered from a ransomware attack.
While the UK’s National Health Service is an institution pioneering in healthcare and provides free access, it has been hit by substantial budget cuts and clearly runs inadequate security systems. It is, of course, too early to tell, but the attack may be part of a much larger global move.
A malware researcher at Avast reported on Twitter that there have been 36,000 detections of Wanna Decryptor globally including in Russia, Ukraine and Taiwan.