Medical practitioners across the UK have been forced back to using pen and paper to make notes about patients. According to the BBC, hospital trusts and facilities in regions including London, Blackburn, Nottingham, Cumbria and Hertfordshire are known to be affected.
According to doctors, components of the NHS computer network appear to have succumbed to the cyberattack. The hackers are reportedly demanding a ransom to release the machines. As The Guardian reports, messages circulated by one doctor claim “everything is gone” after the NHS received a message saying “your computers are now under their control.”
The incident is said to have started at around 12:30pm when several NHS trusts found their email servers were offline. After that, systems used to store clinical and patient data began to crash, before a ransomware window appeared on individual PCs used by staff. The attackers are requesting $300 in Bitcoin per computer to be unlocked.
The doctor also suggested that the cyberattack was “anticipated,” indicating the NHS may have received advance warning and decided not to act on it. At this time, the particulars of the attack are unclear and cybersecurity experts are still assessing the situation.
The East and North Hertfordshire NHS trust confirmed it has experienced a “major IT problem” and is treating it as a cyberattack. Alongside other affected trusts – all of which seem to have experienced the issues simultaneously – it has decided to postpone non-urgent medical check-ups and turn people away from A&E departments.
“Immediately on discovery of the problem, the trust acted to protect its IT systems by shutting them down; it also meant that the trust’s telephone system is not able to accept incoming calls,” The Guardian reports a spokesperson said. “The trust is postponing all non-urgent activity for today and is asking people not to come to A&E – please ring NHS111 for urgent medical advice or 999 if it is a life-threatening emergency.”
The affected trusts have declared a major incident and are following internal procedures designed for use in the event of an IT failure. Where possible, paper records are being used to continue essential operations. It is not clear how many scheduled appointments have been cancelled.
NHS IT specialists are reportedly working on resolving the issues and bringing the system back up as a priority. Details of how the attackers gained access or whether patient data has been compromised are currently undetermined. An extensive investigation should be commenced once the NHS has regained control of the affected machines.
