Updated 8.36pm
A CYBER STRIKE which hit dozens of British hospitals today is part of a wider “international attack”, Prime Minister Theresa May said.
“We are aware that a number of NHS organisations have reported that they have suffered from a ransomware attack. This is not targeted at the NHS, it’s an international attack and a number of countries and organisations have been affected,” May said, referring to the country’s National Health Service.
The state-run NHS declared a “major incident” after the cyber attacks, which prompted some hospitals to divert ambulances and scrap operations.
“The National Cyber Security Centre is working closely with NHS digital to ensure that they support the organisations concerned and that they protect patient safety,” May added.
The prime minister said the government is not aware of any patient data being compromised.
At least 16 organisations within the NHS, some of which are responsible for several hospitals each, have reported being struck.
Ransom demand
Earlier, the NHS itself confirmed the cyber attack.
“A number of NHS organisations have reported to NHS Digital that they have been affected by a ransomware attack,” the public health service said in a statement.
Britain’s National Cyber Security Centre is assisting the investigation into the incident, apparently caused by a piece of malware called Wanna Decryptor, it said.
“At this stage we do not have any evidence that patient data has been accessed,” the statement said, adding: “This attack was not specifically targeted at the NHS and is affecting organisations from across a range of sectors.”
The cyber attack is said to have led hospitals to divert patients from emergency departments and the postponement of non-urgent procedures.
The computers of hospital staff now bear a message telling them that their files have been encrypted and that they need to send $300 in Bitcoin to an online address. The message says that it will not be possible to access the files until the money has been paid.
In a statement, East and North Hertfordshire NHS trust said: “Today, the trust has experienced a major IT problem, believed to have been caused by a cyber attack.
Immediately on discovery of the problem, the trust acted to protect its IT systems by shutting them down; it also meant that the trust’s telephone system is not able to accept incoming calls.
It is believed that other hospitals affected include ones in London, Colchester and Derby.
Shutdown
“We are aware of a major IT secure system attack. All IT systems have been temporarily shut down,” Derbyshire Community Health Services said on Twitter.
Blackpool Hospitals NHS Trust, which includes six hospitals, said: “Please don’t attend A&E unless it’s an emergency” and “Please avoid contacting your GP practice unless absolutely necessary”.
A spokesman for Barts Health NHS Trust in London said it was experiencing “major IT disruption” and delays at all four of its hospitals.
“We have activated our major incident plan to make sure we can maintain the safety and welfare of patients,” the spokesman said.
“We are very sorry that we have to cancel routine appointments, and would ask members of the public to use other NHS services wherever possible.
“Ambulances are being diverted to neighbouring hospitals.”
Two employees at St Bartholomew’s Hospital in London, which is part of Barts Health, told AFP that all the computers in the hospital had been turned off.
“We have been told that we need to shut down all the computers and even our Wi-Fi on our phones. No computers are currently working,” they said, speaking on condition of anonymity as they were not authorised to speak to press.
Global effects
Forcepoint Security Labs said that “a major malicious email campaign” consisting of nearly five million emails per hour was spreading the new ransomware.
The group said in a statement that the attack had “global scope”, affecting organisations in Australia, Belgium, France, Germany, Italy and Mexico.
In Spain, employees at telecom giant Telefonica were told to shut down their workstations immediately through megaphone announcements as the attack spread.
With reporting from AFP
To embed this post, copy the code below on your site
have your say