LABOUR PREDICTED NHS CYBER NIGHTMARE
Sturgeon passed buck to boards after MSP quizzed Scots Government about cyber risk
SNP ministers were accused of being asleep at the wheel on cyber security after claims warnings were missed.
The criticism came three days after NHS computers in Scotland were caught up in a massive global computer attack, causing disruption for staff and patients.
Friday’s “ransomware” attack, called WannaCry, locks files on a PC until a ransom is paid.
Experts blamed a reliance on out-of-date software such as Microsoft Windows XP.
Yesterday, Nicola Sturgeon dodged a direct question on whether health boards still use the outdated software.
NHS officials were still desperately trying to work out the status of thousands of computers and IT devices three days after the hack.
The Record can reveal concern was raised in 2010, when Sturgeon was health secretary.
Former Labour MSP Richard Simpson, a retired doctor, questioned the government then after NHS Leeds and Greater Manchester Police were targeted by the Conficker computer virus.
At the time, Sturgeon said health boards were responsible for taking appropriate action.
In 2013, health secretary Alex Neil was asked how the government were responding to Microsoft’s decision to end security on their XP system.
Neil said 9901 of the 11,678 computers had been upgraded. He said work was under way to upgrade a further 1622.
But he also revealed no central record was kept of computers in use by government agencies. NHS boards were left to oversee their own security arrangements. In October 2013, Finance Secretary John Swinney said there was no suitable alternative to Microsoft Windows and Outlook products.
The Scottish Parliament yesterday admitted it has never held an inquiry into online security.
Scottish Labour health spokesman Anas Sarwar said: “Labour has been raising concerns about cyber crime and hacking to our NHS for years but the SNP has been asleep at the wheel.
“Our NHS holds a huge amount of confidential data on both pensions and employees. This simply is not good enough.”
Yesterday, Sturgeon was asked how many computers run vulnerable software. She said there are a “range” of versions in use and the question will be part of the “lesson learning” process. The Scottish Government said around 1500 PCs have been affected across 11 health boards, national services and the ambulance service.
Health Secretary Shona Robison said: “Systems are returning to normal today and I would like to thank NHS staff for their hard work at the weekend.
“Patient safety is paramount and there is no evidence that patient data has been compromised.”