‘Out of date’ IT system leaves NHS at risk of further cyber attacks
Professor Ciaran Martin, founding chief executive of the National Cyber Security Centre, said ransomware is a ‘major global problem’.
Your support helps us to tell the story
From reproductive rights to climate change to Big Tech, The Independent is on the ground when the story is developing. Whether it's investigating the financials of Elon Musk's pro-Trump PAC or producing our latest documentary, 'The A Word', which shines a light on the American women fighting for reproductive rights, we know how important it is to parse out the facts from the messaging.
At such a critical moment in US history, we need reporters on the ground. Your donation allows us to keep sending journalists to speak to both sides of the story.
The Independent is trusted by Americans across the entire political spectrum. And unlike many other quality news outlets, we choose not to lock Americans out of our reporting and analysis with paywalls. We believe quality journalism should be available to everyone, paid for by those who can afford it.
Your support makes all the difference.The founding chief executive of the National Cyber Security Centre has warned parts of the NHS’s IT system is “out of date” and at risk of further cyber attacks.
More than 6,000 appointments and procedures were postponed at major London hospitals because of a cyber attack in June.
Professor Ciaran Martin said he was “horrified, but not completely surprised” by the ransomware attack.
He told the BBC: “Ransomware attacks on healthcare are a major global problem.
“In parts of the NHS estate, it’s quite clear that some of the IT is out of date.”
Professor Martin, who now works at the University of Oxford, said outdated IT systems, identifying vulnerable points and basic security practices were critical issues facing the NHS.
NHS England confirmed data stolen in the June 3 ransomware attack on pathology services provider Synnovis had been published online.
According to the BBC, Russian cyber gang Qilin shared almost 400GB of data, including patient names, dates of birth, NHS numbers and descriptions of blood tests, on their darknet site and Telegram channel.
But NHS England said there was “no evidence” the cyber criminals had published an entire database, but that it could take “some weeks” to learn which people were affected by the attack.
Last week, NHS England said 4,913 outpatient appointments and 1,391 pre-planned procedures had been postponed at King’s College Hospital NHS Foundation Trust and Guy’s and St Thomas’ NHS Foundation Trust.
NHS leaders said the attack at the two most affected hospital trusts delayed 1,517 acute outpatient appointments and 136 elective procedures from June 24 to June 30.
Urgent and emergency services had remained available as usual.