Hacked surgeries face Monday meltdown
PATIENTS are being warned not to visit their GPS today amid fears of a “Monday morning meltdown” as a result of the cyber attack on the NHS.
There were warnings yesterday that the crisis could spread to other sectors, with the director of Europol and the head of Britain’s National Cyber Security Centre raising fears that the crisis “will continue to grow” as people return to work.
So far, the damage has been limited due to the quick-thinking of a young security researcher, who was hailed as an “accidental hero” after inadvertently halting the spread of the virus.
The 22-year-old is today revealed as Marcus Hutchins, from Devon.
Working from a bedroom in his parents’ home, he paid just £8 to register a domain name which stopped the attack. He later admitted he had not realised it would be so effective.
But yesterday he also warned that further attacks were likely, saying hackers could upgrade their virus to remove his “kill switch”, rendering any systems which are not patched to be vulnerable. “We have stopped this one, but there will be another one coming,” he said.
“There’s a lot of money in this. There’s no reason for them to stop.”
A second attack was thwarted soon afterwards by another expert.
The leader of Britain’s family doctors last night urged patients without appointments to stay away from GP practices for the next 48 hours. Dr Helen Stokes-lampard, chairman of the Royal
College of GPS, said the attack and resulting precautionary measures would have an “extensive impact” on practices today. GPS could be dealing with the appointment system failing and a lack of access to test results.
Dr Stokes-lampard also warned that phone lines might not be working so asked people to stay away if they could.
“If you are urgent we will prioritise but if not please give us a couple of days,” she said. She added that if phone lines are not working, patients in need of urgent appointments could go to surgeries.
Many practices would have tried to carry out security updates over the weekend but fears remain that the true damage could only become clear as thousands of doctors try to log on to their computers today.
A spokesman for NHS England said: “Your GP practice will be open and working as normal during at this time. However, you may experience some difficulties contacting the surgery while telephone systems are being reconnected.
“Appointments may be slower than usual, as some surgeries will be using paper-based records whilst electronic systems are switched back on.” At least 47 NHS organisations have been affected by the crisis. Last night seven hospitals – including London’s Barts NHS trust, the largest in the country – were continuing to divert patients from Accident & Emergency.
The rest have been able to restore their functions, leaving them to sort out a backlog of patients and attempt to identify what information has been lost since systems were last backed up.
The impact on GP services has been less clear, with the attack occurring on Friday afternoon as many surgeries prepared to close for the weekend.
Health officials are concerned about how the systems will cope when 8,000 GP surgeries open this morning, with no central record of how many practices have been affected.
More than 200,000 victims across 150 countries have been infected by the Wanna Decryptor ransomware, also known as Wannacry.
Yesterday a new variant of the virus entered circulation, but was stopped by a cyber expert’s kill switch. IT spe- cialists said the development showed that around the world hackers were trying to exploit the same weaknesses in “copycat” attacks.
Rob Wainwright, the director of Europol, said he had been concerned for some time that the health service was not properly protected.
He added that he was fearful that the virus could spread across other sectors, with particular risks today as most workers return to their desks.
“At the moment we are in the face of an escalating threat, the numbers are going up and I am worried about how the numbers will continue to grow when people go to work and turn their machines on,” he said.
“What is happening here is the exploitation of a flaw in the Microsoft operating systems.
“It is only affecting those computers that are not patched. We have been concerned for some time that the healthcare sector in many countries is particularly vulnerable.”
Ciaran Martin, chief executive of the National Cyber Security Centre (NCSC), said the situation could worsen. “The way these attacks work is that there are compromises of machines and networks that probably haven’t been detected, and also ones that have been detected can spread,” he said last night.
‘I am worried about how the numbers will grow when people go to work and turn their machines on’