NHS bosses and the government are facing questions over why hospitals had been left vulnerable to the global cyber attack that crippled services on Friday. The health service faces a weekend of chaos after hackers demanding a ransom infiltrated the health service’s antiquated computer system. Operations and appointments were cancelled and ambulances diverted as up to 40 hospital trusts became infected by a “ransomware” attack demanding payment to regain access to vital medical records.
Doctors warned that the infiltration, the largest cyber attack in NHS history, could cost lives. Medics described how computer screens were “wiped out one by one” by the attack, which spread to companies and institutions worldwide, including international shipper FedEx Corp in the US, anda German rail operator. Researchers with security software maker Avast said they had observed 57,000 infections in 99 countries with Russia, Ukraine and Taiwan the top targets.
The NHS said there was no evidence that patients’ medical records had been accessed, but it was unable to say whether the hackers who are threatening to delete information unless payment is received within a week had the ability to destroy such records. Experts at GCHQ’s national cyber security centre were helping NHS teams fight the attack. The US Department of Homeland Security said late on Friday that it was aware of reports of the ransomware, was sharing information with domestic and foreign partners and was ready to lend technical support. The attack has been declared a major incident, and has spread to Scotland, where crisis meetings were also being held last night.
A computer hacking group known as Shadow Brokers was at least partly responsible. It is claimed the group, which has links to Russia, stole US National Security Agency cyber tools designed to access Microsoft Windows systems, then dumped the technology on a publicly-accessible website where online criminals could access it.
Microsoft had provided free software to protect computers in March, raising questions about why the NHS was still vulnerable. Last night the technology giant said it was pushing out automatic Windows updates to defend clients from WannaCry. Cyber experts said the health service appeared susceptible to attack because many trusts were using obsolete systems, while others have failed to apply recent security updates which would have protected them. This week it was suggested that 90 per cent of NHS trusts in the UK were using Windows XP – a 16-year-old operating system. Security experts said that computers using operating software introduced before 2007 were particularly vulnerable, leaving many NHS systems at risk.
In the UK the only affected organisation appeared to be the NHS. Patients awaiting heart surgery were among those who had operations cancelled, with doctors telling how staff were frantically ordering computers to be shut down. New parents were left stuck on wards with their newborns as administrative systems failed. Doctors at dozens of trusts resorted to pen and paper, with no access to medical records that could alert them to medical histories or allergies. Handwritten signs in the entrance of the Royal London’s A&E read: “The emergency department has no IT facilities, there are significant delays occurring.”
NHS trusts are supposed to regularly back up their files.But yesterday doctors and nurses were left treating patients without any access to their medical histories, with lost access to X-rays, blood tests and details such as allergies to medication. It raises the possibility that recent changes to medical records, such as a cancer diagnosis, or the results of a blood test could be lost, if hackers delete the files.
I don't think anyone really knows what going on but we will continue looking for an update.
This video from The Telegraph explains in a little more details: