Breaking: NHS IT chaos as systems are infected by malware
Malware called Wanna Decryptor is being blamed by NHS Digital. At this stage we do not have any evidence that patient data has been accessed, the organisation said in a statement. We will continue to work with affected organisations to confirm this.
NHS Digital is working closely with the National Cyber Security Centre, the Department of Health and NHS England to support affected organisations and to recommend appropriate mitigations. This attack was not specifically targeted at the NHS and is affecting organisations from across a range of sectors. The National Cyber Security Centre, which was only opened in February, is assisting NHS Digital. That East and North Hertfordshire has had to suspend all of their non-urgent activity and shut down A&E is a testament to how much they rely on their data to operate. Jason Allaway, VP UK and Ireland for RES Jason Allaway, VP UK and Ireland for RES, a specialist in digital workspace security, said: It s becoming more common an occurrence to see ransomware attacks against healthcare organisations; after all, they are a prime target for attackers due to the nature of the data they hold. It s not just a monetary loss when it comes to medical facilities: it s far more important. The fact that East and North Hertfordshire has had to suspend all of their non-urgent activity and shut down A&E is a testament to how much they rely on their data to operate. Education, vigilance and proven technology such as context-aware access controls, comprehensive blacklisting and whitelisting, read-only access, automated deprovisioning and adequate back-up need to be put in place by healthcare organisations to both prevent and combat this problem as efficiently as possible. Today s events are clear evidence that many healthcare organisations still need to invest in this integrated approach to security.
Wake-up call Dr Jamie Graves, CEO of ZoneFox, which specialises in combating insider threats, said: The large-scale cyber-attack on our NHS today is a huge wake-up call. The effects of this data breach include hospitals having to divert emergency patients, with doctors reporting messages from hackers demanding money, a clear signal of ransomware activity. It also highlights the ever-increasing importance of having a 360-degree visibility of activities and behaviour around business-critical data particularly for large organisations like hospitals. Because the NHS holds some of the most sensitive data of all individuals health records it s a goldmine for criminals. While we are still waiting to find out the scale of this attack, it could possibly have severe impacts on critical medical procedures not just a case of reputational damage and financial loss.
Fundamentally, the government needs to pool cyber security specialists together to tackle this growing threat to ensure this does not happen again.