Six NHS trusts still dealing with cyber attack that hit one in five across England, says Home Secretary

Amber Rudd says problems were not caused by a lack of preparedness

Ian Johnston,Jon Sharman,Aatif Sulleyman
Saturday 13 May 2017 16:23 BST
Comments
The Home Secretary claimed the problems were not a sign that the NHS had been unprepared for such an attack
The Home Secretary claimed the problems were not a sign that the NHS had been unprepared for such an attack (Getty)

Your support helps us to tell the story

From reproductive rights to climate change to Big Tech, The Independent is on the ground when the story is developing. Whether it's investigating the financials of Elon Musk's pro-Trump PAC or producing our latest documentary, 'The A Word', which shines a light on the American women fighting for reproductive rights, we know how important it is to parse out the facts from the messaging.

At such a critical moment in US history, we need reporters on the ground. Your donation allows us to keep sending journalists to speak to both sides of the story.

The Independent is trusted by Americans across the entire political spectrum. And unlike many other quality news outlets, we choose not to lock Americans out of our reporting and analysis with paywalls. We believe quality journalism should be available to everyone, paid for by those who can afford it.

Your support makes all the difference.

Six NHS trusts in England are still being affected by the ransomware cyber attack, Home Secretary Amber Rudd has said following a meeting of the Government’s emergency Cobra committee.

Ms Rudd said 48 of the 248 trusts in England were hit by the program but the other 42 had managed to recover control of their systems.

The problems forced hospitals to cancel appointments and delay treatment as medical files could not be immediately accessed and have affected thousands of companies and government departments in some 100 countries around the world, including the US and Russia.

The attack's spread was limited after a cyber analyst, working while on holiday, accidentally triggered a hidden ‘kill switch’ in the malicious software.

The 22-year-old, who tweets as @MalwareTechBlog, said he bought a domain name buried in the WannaCry program’s code for just $10.69 (£8.29).

When the ransomware tried to use the address as a trigger mechanism it was diverted, halting a huge number of potential attacks.

Ransomware locks users out of their files and demands payment – in this case, in the Bitcoin cryptocurrency – to release them.

After the Cobra meeting, Ms Rudd said: “Of the 48 that have been impacted, most of [the trusts] are back to normal course of business.

“So only six of them have some limits on their business.”

She claimed the problems were not a sign that the NHS had been unprepared for such an attack.

“If you look at who's been impacted by this virus, it’s a huge variety across different industries and across international governments,” Ms Rudd said.

“This is a virus that attacked Windows platforms. The fact is the NHS has fallen victim to this.

“I don't think it's to do with that preparedness. There's always more we can all do to make sure we're secure against viruses, but I think there have already been good preparations in place by the NHS to make sure they were ready for this sort of attack.”

However, she admitted, “there's always more” that can be done to protect against viruses.

The Japanese car giant Nissan admitted on Saturday morning that its Sunderland factory had also fallen victim to ransomware.

France’s Renault was also affected.

A Nissan spokesman said: “Like many organizations around the world, some Nissan entities were recently targeted by a ransomware attack. Our teams are responding accordingly and there has been no major impact on our business. We are continuing to monitor the situation.”

Though the problem is infamous in the UK for the damage it has done to NHS systems, the effects have focused most specifically on Spain and Russia, according to experts.

Theresa May praises NHS staff in wake of cyber attack

“This cyber attack is much larger than just the NHS,” said Travis Farral, the director of security strategy for cyber security firm Anomali Labs. “It appears to be a giant campaign that has hit Spain and Russia the hardest.”

The software is believed to be using an American cyber-weapon leaked to the public earlier this year. The ransomware is taking advantage of EternalBlue, an exploit spies used to secretly break into Windows machines, according to the Register.

Microsoft patched the issue earlier this year, but only on version of the Windows operating system that it continues to support. Up to 90 per cent of NHS computers still run Windows XP, according to a report published in the British Medical Journal earlier this week.

The operating system was released in 2001, and Microsoft cut support for it in 2014. People can continue to use it, but doing so comes with enormous risks.

Join our commenting forum

Join thought-provoking conversations, follow other Independent readers and see their replies

Comments

Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in