Hospitals in the UK were crippled by a “large-scale” cyberattack on Friday that forced operations to be canceled and ambulances to be diverted.
Health workers reported being locked out of their systems and seeing messages demanding ransom payments to regain access. NHS England described the incident as a “ransomware” attack.
At least 16 organizations connected to the National Health Service (NHS) in England reported being affected. “The investigation is at an early stage but we believe the malware variant is Wanna Decryptor,” officials at NHS Digital said in a statement.
“At this stage, we do not have any evidence that patient data has been accessed. We will continue to work with affected organisations to confirm this,” the statement read.
Hospitals affected range from London North West Healthcare Trust in the capital to University Hospitals North Midlands in central England and York Hospitals in the north.
In Spain, the government on Friday said a large number of companies had been affected by a similar attack. The firms included telecom giant Telefonica and the power company Ibedrola, Reuters reported.
NHS Digital said it was working with the government’s National Cyber Security Centre, the Department of Health and NHS England to help the organizations affected “manage the incident swiftly and decisively.” It said the attack did not specifically target the NHS.
Barts Health NHS Trust in London was “experiencing a major IT disruption and there are delays at all of our hospitals,” its website said.
It had to cancel routine appointments and ambulances were being diverted to neighboring hospitals, Barts said.
The problem also affected the switchboard at Newham hospital, Barts said.
The East and North Hertfordshire Trust also was “experiencing significant problems with our telephone network,” said it in an online statement.
A British medical student who visited two hospitals in London on Friday found widespread computer issues.
At St. Barth’s Hospital in central London, Sean, who did not want to give his last name, said he noticed problems with the network as soon as he arrived. When he tried to access patient files on a computer, he couldn’t find them — even though he knew they were there. He told CNN it appeared as if they had been deleted.
The most worrying development was the problems with the hospital’s referral system, Sean said. The program recommends certain patients for treatment with specialists and has a two-week availability window before the treatment is canceled. The cyberattack, he said, could cause a major backlog in referrals.
At Royal London Hospital, doctors who wanted to access patient scans to use as part of lessons for medical students could not do so, Sean said.
Security experts are still trying to get their arms around the problem.
“The key question” to consider is how an attack such as Friday’s could originate “from a non-critical system such as email” and then spread to other systems, said Awais Rashid, a professor of software engineering at Lancaster University.
“Our society increasingly relies on interconnected systems to deliver key services such as health,” he said.