Here’s what happened
The NHS has been held to ransom and hospitals across the UK were paralysed Friday night.
Operations were cancelled and GP surgeries were locked out of their computer systems, the NHS told patients to stay clear from A&E departments unless it is an emergency.
LondonLovesBusiness understands that some 40 NHS organisations have been attacked across the UK.
This disruption is thought to last until next week as NHS IT experts are desperately trying to restore the computer systems and are working around the clock.
It has been revealed by cyber experts that the cyber-attack has used the same code developed by the American National Security Agency (NSA) by a group known as the Shadow Brokers.
The code which is known as Eternal Blue has been spreading across more than 70 countries at a rate of five million emails per hour.
The cyber-attack is thought to have affected more than 45,000 computer systems around the world.
A ransom of £230 in Bitcoin currency, per user account has been demanded and all staff are locked out of their own accounts. It is thought that 1.4m staff belonging to the NHS were affected and will cost the NHS around £326m in ransom money to unlock the scrambled data.
Sam Hutton, CTO at Glasswall Solutions said to LondonLovesBusiness.com “This is a major cyber attack on the NHS in which criminals are potentially putting the wellbeing of an entire country at risk by locking up data and demanding a ransom.”
“It is likely to have been started in the same way that more than 90 per cent of these attacks start by tricking employees to open email attachments that contain hidden code. Anti-virus defences are useless against these attacks because they only search for known threats, not the new threats and zero-day attacks being devised by criminals on a daily basis.”
“Everyone at the top level should have woken up to this by now because these attacks in email attachments have been going on for a long time. Yet still the senior people stick with the old anti-virus technology that simply doesn’t work and in the process they’re putting organisations like the NHS at risk.”
“It seems inconceivable that organisations such as the NHS are prepared to jeopardise highly confidential patient data or critical infrastructure through inadequate cyber security that relies heavily on out-dated anti-virus technologies, when effective alternatives like file-regeneration are available.”
Doctors have been forced to go back to using pen and paper and staff said that computers are quite literally going down one by one in this unprecedented global cyber hacking.
A message appeared on user’s computers saying “Ooops, your files have been encrypted! Maybe you are looking for a way to recover your files, but do not waste your time.” This message has been used across the world and has been posted in 28 diferrent languages.
This doctor posted this on Twitter:
— Dr Ben White (@drbenwhite) May 12, 2017
This GP posted this on Twitter:
— gigi.h (@fendifille) May 12, 2017
The police have said that this hacking bores the hallmarks of a Russian or eastern European cyber gang although no-one has claimed responsibility.
The prime minister Theresa May, said on Friday that “The National Cyber Security Centre is working closely with NHS Digital to ensure that they support the organisations concerned and that they protect patient safety.”
May also said that cyber-attack did not target just the health service, but it is part of a wider global assault.
A spokesman for Barts NHS Health Trust said: “We have activated our major incident plan to make sure we can maintain the safety and welfare of patients.”
They posted this message on Twitter:
Major IT issues are causing delays at our hospitals. Please use other services if possible. More information at https://t.co/3vfPLyfTvD
— Barts Health (@NHSBartsHealth) May 12, 2017
London’s air ambulance posted this message on Twitter:
The #nhscyberattackhas not affected our operations & we continue to deliver our 24/7 service to London.
— London’sAirAmbulance (@LDNairamb) May 12, 2017
The NHS said in a statement: “A number of NHS organisations have reported to NHS Digital that they have been affected by a ransomware attack.”
“The investigation is at an early stage but we believe the malware variant is Wanna Decryptor. This attack was not specifically targeted at the NHS and is affecting organisations from across a range of sectors. At this stage we do not have any evidence that patient data has been accessed.”
“NHS Digital is working closely with the National Cyber Security Centre, the Department of Health and NHS England to support affected organisations and ensure patient safety is protected.”
“Our focus is on supporting organisations to manage the incident swiftly and decisively, but we will continue to communicate with NHS colleagues and will share more information as it becomes available.”
GCHQ’s, National Cyber Security Centre said that “thousands of organisations and individuals in dozens of countries” had been hit by the attack.”
This cyber-attack has even affected Germany’s train operator, Deutsche Bahn.
This tweet posted by Pamela Moore shows the same message that the NHS received:
Germany’s main train operator Deutsche Bahn was attacked by ransomware based on leaked NSA tools. pic.twitter.com/hP66QZT1cQ
— Pamela Moore (@Pamela_Moore13) May 12, 2017