NHS hack could be about to become far worse as people switch on computers after weekend

Existing infections may start spreading all over again

Andrew Griffin
Monday 15 May 2017 02:07 EDT
Comments
National requirements state that 75 per cent of life-threatening calls must be reached in eight minutes
National requirements state that 75 per cent of life-threatening calls must be reached in eight minutes (Getty)

Your support helps us to tell the story

From reproductive rights to climate change to Big Tech, The Independent is on the ground when the story is developing. Whether it's investigating the financials of Elon Musk's pro-Trump PAC or producing our latest documentary, 'The A Word', which shines a light on the American women fighting for reproductive rights, we know how important it is to parse out the facts from the messaging.

At such a critical moment in US history, we need reporters on the ground. Your donation allows us to keep sending journalists to speak to both sides of the story.

The Independent is trusted by Americans across the entire political spectrum. And unlike many other quality news outlets, we choose not to lock Americans out of our reporting and analysis with paywalls. We believe quality journalism should be available to everyone, paid for by those who can afford it.

Your support makes all the difference.

The true scale of the hack that hit the NHS could only become clear on Monday morning.

Despite cyber security experts working hard to save hospitals from the attack, it may turn out to be far worse than previously thought after the weekend.

In the NHS, experts are concerned that many pieces of equipment – not only computers but things like heart monitors – will be switched on for the first time after the weekend and may start being infected and spreading the malware all over again.

More than 200,000 victims in around 150 countries have been infected by the ransomware which originated in the UK and Spain on Friday before spreading globally.

Ciaran Martin, chief executive of the National Cyber Security Centre, said the outbreak could continue to infect more systems and other victims may emerge.

"On Monday morning at the start of the new working week it's likely that successful attacks from Friday that haven't yet become apparent will become apparent," he told the Press Association.

"And also existing known infections can spread, we can't say what scale the new cases will occur at but it's likely there will be some."

It is not known how the attack has affected GP surgeries, which are due to open as usual on Monday.

An NHS England spokesman described it is a "very complex emerging picture".

People are advised to attend any hospital or doctor appointments as normal, unless they are contacted and told not to.

Professor Helen Stokes-Lampard of the Royal College of General Practitioners said many GPs went into their practices on Sunday to reboot their computers and install updates.

"GPs, of course, can still diagnose and treat patients without using computers but we ask our patients to bear with us if routine services such as repeat prescriptions and appointment booking services are slightly disrupted this week," she said.

"In the meantime, we wish to reassure patients that your GP will be there for you as usual if you are taken ill and that you will receive the best possible care from the NHS, despite the current difficulties."

Around a fifth of NHS trusts were hit in the attack, forcing them to postpone operations and procedures over the weekend.

Seven hospitals remained on A&E divert on Sunday afternoon, with ambulances taking emergency patients elsewhere, NHS England said.

Dr Anne Rainsberry, NHS incident director, said: "We have been working with 47 organisations providing urgent and emergency care who have been infected to varying degrees.

"Most have found ways of working around this but seven, including St Barts in London, have asked for extra support."

It comes amid concerns networks were left vulnerable because they were still using outdated Windows XP software.

Brad Smith, Microsoft president and chief legal officer, described what happened as a "powerful reminder" of the importance of updating software.

"The fact that so many computers remained vulnerable two months after the release of a patch illustrates this aspect," he said in a blog post.

"As cybercriminals become more sophisticated, there is simply no way for customers to protect themselves against threats unless they update their systems.

"Otherwise they're literally fighting the problems of the present with tools from the past."

Medical staff reported seeing computers go down "one by one" as the Wanna Decryptor ransomware, also known as WannaCry, took hold, locking machines and demanding money to release the data.

The apparent chink in the NHS's defences led to criticism of the Government, with the Liberal Democrats demanding an inquiry.

Labour's shadow health secretary, Jonathan Ashworth, in a letter to Health Secretary Jeremy Hunt, said concerns were repeatedly flagged about outdated computer systems.

Investigators from around the globe, including the National Crime Agency, are working to hunt down those responsible for the virus.

A British cyber whiz was hailed an "accidental hero" after he registered a domain name that unexpectedly stopped the spread of the virus.

The anonymous specialist, known only as MalwareTech, issued a warning that hackers could upgrade the virus to remove the kill switch.

Among those affected by the virus was Nissan, but the car manufacturer said there had been no major impact.

A spokesman said it was "business as usual" for the Sunday night production shift at the plant in Sunderland.

Additional reporting by Press Association

Join our commenting forum

Join thought-provoking conversations, follow other Independent readers and see their replies

Comments

Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in