Reports from social media claim that UK hospitals are being held to ransom
Reports from social media claim that UK hospitals are being held to ransom

NHS hospitals have been reportedly hit with a wave of cyber-attacks. NHS England confirmed to the Guardian that several hospitals around England were hit by a simultaneous cyber-attack which affected units all over the country. Hospitals in London, Nottingham, Cumbria and Hertfordshire have been confirmed to be dealing with IT failure.

Computer systems and phones are being shut down with one NHS source telling the Evening Standard that the attack “seems to be growing”.

East and North Hertfordshire NHS released a statement saying that the trust “has experienced a major IT problem, believed to be caused by a cyber-attack.” It added that “immediately on discovery of the problem, the trust acted to protect its IT systems by shutting them down; it also meant that the trust's telephone system is not able to accept incoming calls.”

The trust will be suspending non-urgent activity for the day and the statement encouraged people not to come to A&E.

The nature of the attack has not yet been confirmed but reports from social media suggest that ransomware is behind the coordinated assault.  Other reports say that doctors are now using pen and paper due to the lack of computer facilities.

The NCC group recently warned about the threat of ransomware to the UK's health service, given that many trusts continue to use outdated systems and staff relatively ignorant of the issues of cybersecurity.

A Freedom of Information request filed by the company in 2016 found that 47 percent of NHS Trusts in England had already been hit with ransomware attacks.  Ben Jepson, director of risk management and governance at NCC Group told SC in emailed comments, “It's clearly something all Trusts are grappling with – as are the vast majority of other organisations, both public and private.”

“If a private sector business is held to ransom it can potentially hit its reputation and sales, but the consequences can be more acute when it comes to hospitals. It's not just patient privacy on the line but in some cases it's the hospital's ability to operate, impacting patient care.”