News of these issues with the National Health Service (NHS) broke yesterday, but I decided to wait for the speculation to die down before reporting on something as important as an essential service we all rely on.
The cyber incident impacted the NHS 111 service – not the emergency 999 service – and was first spotted on Thursday morning. It was effectively contained, by the NHS IT support team to a small number of servers so limiting the impact on the NHS and patients.
NHS 111 software outage confirmed as cyber-attack – BBC News
The situation is ongoing with reports across the country of various service providers having problems, but nothing that local plans have not been able to deal with. Access between certain NHS systems has been disabled to limit to spread of the cyber-attack.
This is actually a good news story as it showed the NHS response to such cyber security incidents was effective.
If you want to understand how a ransomware attack can spread and the impact it could have on your operations, this paper by Ghafur, Kristensen, Honeyford, Martin, Darzi and Aylin. (2019) is a methodical examination of the 2017 NHS WannaCry cyber security incident. It was not targeted, but probably the result of a member of staff opening an infect email.
Clive Catton MSc (Cyber Security) – by-line and other articles
Further Reading
Happy Birthday WannaCry – but don’t expect a card from the NHS – Smart Thinking Solutions
NHS cyber-attack: GPs and hospitals hit by ransomware (2017) – BBC News
References
Ghafur, S., Kristensen, S., Honeyford, K., Martin, G., Darzi, A., & Aylin, P. (2019). A retrospective impact analysis of the WannaCry cyberattack on the NHS. NPJ digital medicine, 2(1), 1-7.
