NHS England Cyberattack: Hospitals Throughout UK Hit By Ransomware

National Health Service (NHS) hospitals throughout England were hit by a cyberattack Friday, leaving much of the staff unable to access computers or phones and forcing the hospitals to divert emergency patients.

Hospitals in East and North Hertfordshire, Barts Health in London, Essex Partnership university NHS trusts, the university hospitals of Morecambe Bay NHS foundation trust, Southport and Ormskirk hospital NHS trust and Blackpool teaching hospital NHS foundation trust have all been affected, the Guardian reported.

The technical issues appear to have been caused by a widespread malware attack on NHS systems. A strain of ransomware known as “Wanna Decryptor” appears to be the culprit of the system-wide problems.

An NHS IT employee told the Guardian a message appeared on the screens of infected computers demanding users pay $300 in bitcoin in able to regain access to the machines. The message cannot be closed or ignored, and files on the machine are not accessible.

Often cases in ransomware attacks, the malicious program will encrypt the files on a machine, or create an encrypted backup and delete the original files to prevent any sort of system rollback. The ransoms often have deadlines, and if the fee is not paid by the time set, the files are deleted permanently.

Wanna Decryptor, the apparent malware variant hitting NHS computers, was first discovered in the wild in February of this year. It is believed to be primarily distributed via email phishing scams.

According to NHS Digital, the attack was not specifically targeting NHS but managed to infect hospital systems. The ransomware is currently affecting organizations “from across a range of sectors.”

“A number of NHS organizations have reported to NHS Digital that they have been affected by a ransomware attack which is affecting a number of different organizations,” NHS Digital said in a statement.

“NHS Digital is working closely with the National Cyber Security Centre, the Department of Health and NHS England to support affected organizations and to recommend appropriate mitigations.”

It is not clear if the attack has led to the access or compromise of any patient data. While some procedures are still able to be carried out without the computer systems operating, some hospitals have begun diverting emergency patients to other areas that have not been affected by the attack.

While the system-wide attack on NHS hospitals is one of the first widespread examples of malware hitting hospitals, it is not the first instance in which ransomware has held health services hostage.

Several hospitals have been held ransom in the past, including Hollywood Hospital in California, which was faced with a $3.5 million ransom demand. It eventually paid $17,000 in order to regain access to its vital systems.

Source

http://ibtimes.com/nhs-england-cyberattack-hospitals-throughout-uk-hit-ransomware-2538173