NHS targeted in an international ransomware incident

posted on 16 May 2017, updated on 16 May 2017

On Friday 12 May, 47 English trusts and 13 NHS organisations in Scotland were affected by a global cyber attack. The attack involved the spread of malicious ransomeware, which locks users' files and demands £230 ($300). It forced some hospitals to cancel treatments and appointments, and divert ambulances to other sites.  

It was feared that NHS workers returning after the weekend would experience another spike in attacks as the malicious software could have infected more computers since Friday. However this did not materialise and Hunt told the BBC that, despite the cancellation of numerous patient appointments and operations, 80% of the NHS was “unaffected”. 

Hunt denied parts of the NHS were left vulnerable to attack because they were unprepared:

“Over the last 18 months, we have reduced the proportion of devices in the NHS that use the most vulnerable platform – XP – from 20% to less than 5%,” he said, but he admitted “lessons would be learned”.

Rob Whiteman, CIPFA chief executive, said:

The NHS ransomware attack needs to be a stark reminder for all government organisations to ensure IT security is optimal, regularly reviewed and upgraded, and given the resources to match our reliance on digital systems.

With access to and the use of vast quantities of personal data, public bodies must have in place robust data protection plans, ensure access to expert support and not to cut cyber security resources when efficiencies are needed elsewhere.

Whiteman said priorities about where to spend resources and invest in the workforce should be made in the context of risk management strategies, which assess both the likelihood of problems occurring and the impact if they do.

See the TISonline ICT SecurityCyber Essentials and National Cyber Security Strategy 2016–2021 sections for information on protecting against cyber threats, and for detailed information on the ransomware, click the link below.

Related links:

CIPFA is currently closed, webchat will be available from 03/01/24 from 09:00 - 17:00.