The NHS has been hit by a ransomware attack

More than 45,000 ransomware attacks in 74 countries including the UK, Russia, India and China occurred last week, with private and public sector organisations affected. In the UK, NHS England was particularly affected. The hackers used a technique described in leaked files from the US National Security Agency, published by Wikileaks, to spread the ransomware by exploiting weaknesses in Windows XP.

The attack that took place was the result of ransomware, a type of malware that blocks access to data by encrypting it until a ransom is paid, displaying a page requesting payment to unlock it. Organisations around the world were hit with a ransomware known as Wanna Decryptor, which first appeared in February 2017, and it encrypts files on target computers, and demanding a ransom to be paid in Bitcoin. Delivered as a trojan loaded through a hyperlink that is then opened by the user from a spam email or pop-up web advert, and once activated, spreads through the computer, encrypts the contents of the hard drive, and delivers a ransom note, changing the victim’s wallpaper to a message demanding payment.

The attack hit NHS England, locking staff out of their computers, affecting up to 28 NHS organisations in England, and five GP surgeries in Scotland. NHS Digital says there is no evidence that patient data has been compromised. The NHS in Wales has reported there are no issues with malware on any of its systems. The NHS has been hit by cyber-attacks before - but this latest attack is unprecedented. Disruption is inevitable, particularly when something as important as patient records cannot be accessed by hospitals and GPs. This means appointments and operations having to be cancelled and rescheduled, and patients being transferred to hospitals that are not affected.

It was reported last year that NHS Trusts had been running Windows XP on some machines, despite Microsoft officially ending support for the operating system in April 2014. After this date, Microsoft stopped providing security updates for XP, meaning hackers have been free to exploit vulnerabilities. However, Microsoft continued to provide support for organisations who were willing to pay for updates, with the NHS being one such organisation, paying £5.5 million for an extended support deal. However, the deal came to an end in May 2015 and wasn’t renewed. The logic behind this was that there was steady progress in migrating departments away from Windows XP, but clearly this hasn’t happened.

According to the shadow health secretary, Jonathan Ashworth, concerns had been flagged repeatedly about the NHS’s outdated computer systems, which he said had left it vulnerable to the attack. Amber Rudd, the home secretary, said the NHS would upgrade its software in the wake of the attack.

Perhaps more worryingly, Michael Fallon, the Defence Secretary, has refused to deny claims that the UK’s nuclear submarines use Windows XP. He insisted the subs were “safe”, adding that they operated “in isolation” when out on patrol, which perhaps suggests the only thing protecting them was the lack of an internet connection.