U.K. National Health Service Hit by Major Cyberattack

nhs cyberattack ransomware patients doctors hospitals
A member of the armed forces walks across the ambulance entrance outside the Accident and Emergency department of St. Thomas's Hospital, during an NHS (National Health Service) workers strike, in central London November 24, 2014. The NHS has been hit with a major cyberattack, affecting hospitals, doctors and patients. REUTERS/Andrew Winning

A large-scale cyberattack on England’s National Health Service (NHS) has forced hospitals to divert emergency patients and locked doctors and other staff out of their computers.

The full scale of the attack is yet to be determined. NHS England has confirmed that it is aware of an attack on its IT systems but has not released further details.

Various local reports suggest it is a ransomware attack, which involves hackers hijacking IT systems and demanding bitcoin for their release.

Speaking to Newsweek , security experts have described the attacks as a “huge wake-up call” for the NHS and other healthcare institutions, who some claim treat cybersecurity as an afterthought.

“It highlights the ever-increasing importance of having a 360-degree visibility of activities and behaviour around business-critical data—particularly for large organisations like hospitals,” says Dr Jamie Graves, CEO of cybersecurity specialists ZoneFox.

“Because the NHS holds some of the most sensitive data of all—individuals’ health records—it’s a goldmine for criminals…  Fundamentally, the government needs to pool cybersecurity specialists together to tackle this growing threat to ensure this does not happen again.”

The NHS will deal with the attacks by shutting down almost all of its IT capabilities while it deals with the problem, according to Jamie Moles, a security consultant at the cybersecurity firm Lastline. He says that such an approach can be inefficient and lead to major delays to treatment, and even death.

“With an annual budget in the region of £116 billion, [the NHS] is a massive target for cyber attacks and currently, it’s a poorly defended target.”

Lee Munson, a security researcher at Comparitech, says: "How this has spread throughout several trusts is not yet clear but it would seem to suggest either that many doctors and other hospital staff have been targeted in quick succession, or that an extremely convincing email containing a malicious payload has been shared far and wide. In any event, the incident highlights many issues.

"Firstly, there is the lack of security training and awareness that has likely led to several people opening emails and/or attachments from unknown senders. Secondly, there must be questions as to why this attack has been so damaging in such a short period of time. My thoughts are that there is either an issue with the security around the entire NHS network and/or the IT department has been extremely tardy in taking and restoring backups of essential data."