Cyberattack rocks U.K. NHS, forcing care cancellations

The WannaCrypt ransomware attack is still disrupting NHS services days after it first hit

The healthcare system in the United Kingdom is reeling from a ransomware attack. The spread of the program across National Health Service (NHS) computers forced doctors to switch to pen and paper and continued to affect care days after it initially hit.

News of the attack first hit on Friday when NHS staffers reported they were unable to access their IT systems and posted pictures online of computer screens showing a ransomware message. Such programs stop users from accessing their files until they make a payment in Bitcoin. The blackout at the NHS was triggered by the ransomware program WannaCrypt.

A feared second spike in the attack failed to materialize on Monday but the healthcare system was still disrupted. Routine surgeries and appointments with general practitioners were cancelled. And in some areas the disruption is expected to continue into Tuesday.


Overcoming Risk in Oncology Drug Development

Oncology drug development is full of potential obstacles and risks, and you must carefully plan each step. Download this whitepaper for tips on finding the fast track. Premier Research. Built for Biotech.

Beyond that, the NHS must try to protect its systems from future attacks. The healthcare system remains unusually-reliant on technology running Windows XP, an old operating system that is more vulnerable to attack than modern alternatives. Microsoft released a security update in March to protect against WannaCrypt but Windows XP was excluded from the patch. After the NHS attack, Microsoft provided a security update for technology running Windows XP.

How helpful that is to the NHS remains to be seen. While it should be possible to patch and protect NHS computers running Windows XP, if the healthcare system also has medical equipment such as MRI machines that run the operating system it may be harder to completely protect the network. Such issues are solvable but the NHS is overstretched financially and has a patchy record of rolling out IT products, in part because of the small cadre of outsourcing providers it relies on have failed to deliver the anticipated results.

The NHS is far from the only healthcare system vulnerable to such attacks, though. Last year a hospital in Los Angeles paid $17,000 to regain control of its IT system following a ransomware attack.

Suggested Articles

The FDA approved the first spinal tether to correct the most common form of scoliosis—a ropelike implant that pulls the vertebrae into shape.

Agilent launched a new analyzer for research that observes cell behavior in real time while also collecting biosensor information.

Five years after Congress passed a law to reduce unnecessary MRIs and CT scans, federal officials have yet to implement it.