NHS hospitals in England hit by a widespread cyberattack (updated)
IT systems across the country are falling victim to ransomware.
Various NHS Trusts are currently battling with what appears to be a large-scale cyberattack affecting IT systems across the country. According to reports, hospitals and GP surgeries are falling victim to a widespread ransomware attack, causing them to shut down their computer networks. The East and North Hertfordshire NHS Trust was one of the first to acknowledge the problem and switch off its systems, warning locals that they will have trouble getting through on the phone and asking them not to visit accident and emergency unless absolutely necessary.
Update: The attack has continued to spread and is now affecting systems around the world.
Update 2 (5/13): In response to infections like the ones that crippled parts of the NHS system, Microsoft is releasing a patch for unsupported systems including Windows XP, Windows 8 and Windows Server 2003.
Trusts in Essex, Blackpool, Derbyshire and elsewhere have confirmed they too have been targeted, and are issuing similar statements urging people to avoid A&E departments where possible. Routine appointments are also being cancelled. With systems down, staff are unable to use phones, access schedules, patient records, emails, X-rays, test results and prescriptions. Needless to say, it's serious.
Reports from hospitals and GP surgeries are piling up, with a lot of activity on Twitter suggesting the ransomware is spreading throughout the entire IT network of NHS England. According to the BBC, the NHS in Wales, which runs on a separate system, remains unaffected.
Here's the malware attack which appears to have hit NHS hospitals right across England today pic.twitter.com/zIAJ6wbAG5
— Lawrence Dunhill (@LawrenceDunhill) May 12, 2017
NHS Digital has released this statement on the ongoing cyberattack:
"A number of NHS organisations have reported to NHS Digital that they have been affected by a ransomware attack.
The investigation is at an early stage but we believe the malware variant is Wanna Decryptor.
This attack was not specifically targeted at the NHS and is affecting organisations from across a range of sectors.
At this stage we do not have any evidence that patient data has been accessed.
NHS Digital is working closely with the National Cyber Security Centre, the Department of Health and NHS England to support affected organisations and ensure patient safety is protected.
Our focus is on supporting organisations to manage the incident swiftly and decisively, but we will continue to communicate with NHS colleagues and will share more information as it becomes available."
The ransomware in question is thought to be spreading via internal email, and is demanding $300 in Bitcoin in exchange for returning user control and decrypting files. Earlier today, Spain's National Cryptology Centre said various local firms were being targeted by this same variant of the WannaCry virus, including Telefonica and several energy suppliers.