Everything you need to know about the massive cyberattack that is crippling the NHS

  • Appointments and operations have been cancelled as a result of a major cyberattack on the NHS.
  • At least 40 NHS organisations across England and Scotland have been affected.
  • It has plunged the British health service into chaos, with doctors forced to use pen and paper to work.
  • The NHS has declared a “major incident” in England.
  • Tech experts are “working around the clock” to restore access to NHS systems.
  • Prime Minister Theresa May has confirmed the attack is part of a broader international cyberattack.
  • At least 100 other countries have reportedly been affected.
  • Around 1,000 computers at Russia’s Interior Ministry have also been targeted, according to a ministry spokeswoman cited by Interfax.
  • This is a developing story. If you are an NHS employee, a patient, or have you been affected today, get in touch: abienkov@businessinsider.com

LONDON — Britain’s health services are today struggling to recover its computers systems after a huge ransomware attack hit around 40 NHS organisations on Friday.

Routine operations and appointments were cancelled at trusts across England with ambulances being diverted from some hospitals. Eleven of Scotland’s 14 NHS health boards were also affected.

IT specialists are working round the clock to restore NHS computer systems hit by Friday’s ransomware attack.

The head of the UK’s cyber security agency, Ciaran Martin, said they were doing “everything in our power” to get “vital services” back up and running.

The attack has also affected around 100 other countries around the world.

Here’s everything you need to know about the attack:

What has happened to NHS computer systems?

NHS computer systems in hospitals, trusts and some GP surgeries have been hit by a crippling “ransomware” attack which has encrypted all data on affected computers. The virus, which is spread by opening attachments in emails, renders vital systems inoperable. NHS staff were faced with the following message requesting payment to restore their computers.

The message reads: “Ooops, your files have been encrypted! Many of your documents, photos, videos, databases and other files are no longer accessible because they have been encrypted. Maybe you are busy looking for a way to recover your files, but do not waste your time. Nobody can recover your files without our decryption service.”

“It’s actually a nightmare” one NHS employee told Business Insider. “Everyone is phone calling all over the place and resorting back to paper to make sure people don’t miss out.” Barts Health in London was on Friday redirecting ambulances to other hospitals.

Should I still attend my local hospital?

NHS England are advising that all patients requiring emergency treatment should attend hospital as they normally would. For everyone else, they are advising that you should “use the
use the NHS wisely while we deal with this major incident”.
In a statement, Dr Anne Rainsberry, NHS Incident Director, said: “We’d like to reassure patients that if they need the NHS and it’s an emergency that they should visit A&E or access emergency services in the same way as they normally would and staff will ensure they get the care they need. More widely we ask people to use the NHS wisely while we deal with this major incident which is still ongoing. NHS Digital are investigating the incident and across the NHS we have tried and tested contingency plans to ensure we are able to keep the NHS open for business.”

Will my personal medical data have been compromised?

The NHS say they have “no evidence” that personal medical data has been compromised. All the signs are that this attack is designed purely to obtain money from the operators of whichever systems are affected, rather than targeted specifically at the NHS or its users.

In a statement on Friday, an NHS digital spokesperson said: “A number of NHS organisations have reported to NHS Digital that they have been affected by a ransomware attack. The investigation is at an early stage but we believe the malware variant is Wanna Decryptor. This attack was not specifically targeted at the NHS and is affecting organisations from across a range of sectors. At this stage we do not have any evidence that patient data has been accessed.

“NHS Digital is working closely with the National Cyber Security Centre, the Department of Health and NHS England to support affected organisations and ensure patient safety is protected. Our focus is on supporting organisations to manage the incident swiftly and decisively, but we will continue to communicate with NHS colleagues and will share more information as it becomes available.”

Who was behind the attack?

The identity of the attackers has not yet been confirmed. However, the “ransomware” used for the attack is believed to have been updated with Windows exploits created by NSA, the US spy agency. These were leaked online — and subsequently made their way into the hands of criminals.

Ciaran Martin, head of the UK’s cyber security agency, told the BBC: “It’s important to understand that cyber attacks can be different from other forms of crime in that their sometimes highly technical and anonymous nature means it can take some time to understand how it worked, who was behind it and what the impact is.

“But our commitment is we will be as open as we can be, as soon as we can be, as our investigation continues.”

Are you an NHS employee, or a patient? Have you been affected today? Get in touch: [email protected]

This is a developing story…

NOW WATCH: Everything we know about the next iPhone — including a completely new look

Business Insider Emails & Alerts

Site highlights each day to your inbox.

Follow Business Insider Australia on Facebook, Twitter, LinkedIn, and Instagram.