Russia accused as all UK hospitals are put on high-alert after cyber attack forced Trust to cancel operations for three days

RUSSIA was last night accused of being behind a cyber attack on three NHS hospitals that caused operations to be cancelled for three days.

All hospitals across the country have now been put on high alert following the biggest ever attack on the NHS.

3

Hospitals across the UK are on high alert after Russia was accused of launching a cyber attack launched against three NHS hospitals

Managers at Northern Lincolnshire and Goole NHS Foundation Trust shut down computer systems at their hospitals in Grimsby, Scunthorpe and Goole on Sunday.

Almost all planned ops, outpatient appointments and diagnostic procedures were cancelled for three days – affecting 3,300 patients.

They resumed yesterday after computer experts restored staff access to patient records.

3

Managers at Northern Lincolnshire and Goole NHS Foundation Trust shut down computer systems at three hospitals on Sunday

National IT agency NHS Digital sent a message to all NHS providers on Monday afternoon warning of a “potential threat to your organisation”.

The message – seen by the Health Service Journal – was marked “severity: high”.

It added: “Recent media coverage has identified a trust infected with a virus, resulting in the delay of outpatient appointments and certain surgical procedures.

“Following this infection in an NHS trust, we would like to remind all users of the need for proactive measures to reduce the likelihood of infection and minimise the impacts of any compromise.”

An NHS source revealed it was the first attack to have had such a devastating effect on patients.

Security consultant Tony McDowell said yesterday: “It is staggering that our national critical infrastructure can be brought down for three days like this.

“It’s most likely that this was committed by foreign agents because criminals are unlikely to get much financial gain from attacking the NHS.

“Russia would be my prime suspect.

“We’ve recently had the Russian’s sailing their ships through the channel, and this attack could be another sign of them posturing.

“They would be interested to know what can be achieved through cyber-warfare and this will have shown them how devastating an attack like this can be.

“If they can bring the NHS to its knees for three days and there is then a terror attack, there would chaos.”

He added: “I would have expected the Trust to have been running a mirrored system at a disaster recovery centre, which would allow them to switch over immediately in the event of problems.

“They either didn’t have this back-up service – which is surprising – or something prevented them kicking it into action in the usual way.”

The Department of Health said it was not the first cyber-attack on a hospital trust in England but refused to give details on the frequency of such incidents.

A spokesman said it was looking at measures to “reduce vulnerability to cyber-attacks and reduce the impact of a data security incident, if it does occur.”

3

Almost all planned ops and outpatients appointments were cancelled at the hospitals in Grimsby, Scunthorpe and Goole for three days after the attack (file image)

He added: “We are determined to help all health and NHS organisations improve cyber security and will learn lessons from this incident.”

Karen Dunderdale, deputy chief executive of the North Lincolnshire trust, said most of its computer systems were running by late Wednesday.

IT experts were still working on a few affected areas yesterday.

Ms Dunderdale added: “I would like to take this opportunity to apologise to everyone who has had their appointment cancelled this week.

“We will of course be rescheduling them as soon as possible, with those patients identified as clinically urgent seen first.

“I would also like to take this opportunity to thank all of our staff for their dedication and hard work during this major incident as they have worked tirelessly to ensure our patients have been safely cared for during this time.”

An NHS Digital spokesman said: “This issue highlights the fact that there are threats to data security within the health and care, as with any other sector.

“We remain committed to supporting the protection of data with the highest possible security standards, high levels of security expertise from the centre and appropriate training and awareness of the risks for all staff.

“Our alerts are designed as a call for organisations to take sensible action and are not a cause to panic.

“We have no evidence that this is anything other than a local isolated incident but we will continue to keep health and care organisations informed.”

News of the attack emerged a day after Chancellor Philip Hammond restated the government’s aim to spend £1.9billion over five years to underpin its national cyber security strategy.

---