Data and securityCyber SecurityMajor incident declared after NHS cyber attack (Updated 15/05)

Major incident declared after NHS cyber attack (Updated 15/05)

Attack on the NHS seems to be part of a global ransomware campaign that has attacked a number of organisations around the world

The NHS has declared a major incident after a cyber attack on a number of hospital and GP surgeries across England.

The attack means staff cannot access patient data, which has been scrambled by ransomware. There is no evidence patient data has been compromised, NHS Digital has said.

NHS England said there was a “complex emerging picture”, amid concerns over thousands of computers being switched back on after the weekend.

Seven trusts out of 47 that were hit are still facing serious issues, but patients have been told to turn up for appointments, unless advised otherwise.

The latest statement issued by NHS Digital reads:

We are continuing to work around the clock to support NHS organisations that have reported any issue due to yesterday’s cyber-attack.

We have received no reports of patient data being compromised.

We are not publishing a list of those we are assisting at this stage; given the situation is changing and impacting organisations in a range of different ways. For instance we are aware some bodies, which range from practices to trusts, may have suspended selected systems purely as a precautionary measure.

We are aware of widespread speculation about the use of Microsoft Windows XP by NHS organisations, who commission IT systems locally depending on population need.

While the vast majority are running contemporary systems, we can confirm that the number of devices within the NHS that reportedly use XP has fallen to 4.7 per cent, with this figure continuing to decrease.

This may be because some expensive hardware (such as MRI scanners) cannot be updated immediately, and in such instances organisations will take steps to mitigate any risk, such as by isolating the device from the main network.

Our focus remains on assisting organisations, working closely with the National Cyber Security Centre, the Department of Health, NHS England and NHS Improvement.

The attack on the NHS is part of a global ransomware campaign that has attacked a number of organisations around the world.

Guidance documentation for NHS organisations impacted by the cyber incident can be accessed here.

Related Articles

Government and tech industry hold roundtable on IoT security

Cyber Security Government and tech industry hold roundtable on IoT security

2y Jay Ashar
New Army cyber operations centres for MOD

Cyber Security New Army cyber operations centres for MOD

2y Jay Ashar
Competing priorities biggest roadblock to cybersecurity

Cyber Security Competing priorities biggest roadblock to cybersecurity

2y Jay Ashar
Cybersecurity is a market for lemons

Cyber Security Cybersecurity is a market for lemons

2y Bernard Parsons
Compulsory cyber awareness training for Cardiff council staff

Cyber Security Compulsory cyber awareness training for Cardiff council staff

2y Jay Ashar
UK government to assess the cyber security capability landscape

Cyber Security UK government to assess the cyber security capability landscape

2y Jay Ashar
New capability to help organisations fight cyber threats

Cyber Security New capability to help organisations fight cyber threats

2y Jay Ashar
Room for more cybersecurity over and above GDPR

Cyber Security Room for more cybersecurity over and above GDPR

2y Jay Ashar