Following on from the WannaCry attack, there were fears that the cyber-attack could continue to have disastrous consequences for healthcare organisations like GP surgeries.
There was extreme concern after the NHS cyber-attack as to exactly how many GP surgeries were directly affected, and health officials were concerned how computer systems would manage when they reopened after the attack.
How many organisations were affected?
As a result of the global cyber-attacks, over 47 trusts were infected in the U.K. by the malicious hack which consequently forced 1/5 of NHS Trusts to postpone operations procedures over the weekend of the attack.
As a precautionary measure, patients were urged to ‘stay away from GPs’ as they were riddled with the fear of a “Monday morning meltdown” following on from the attacks, and they were only accepting urgent appointments.
Dr Helen Stokes-Lampard, chairman of the Royal College of GPs, highlighted that the combination of the attacks, along with precautionary measures taken, had an “extensive impact” on GP surgeries. This could potentially be because many affected and non-affected systems alike were shut down following the incidents. Dr Stokes-Lampard continued to note the hardship that GP surgeries could have faced on the Monday morning following the attack:
“…the concern is that on Monday morning the appointment system may not be working, some places may not be able to access routine results, even the phone lines in some cases may not be working.”
In a bid to make the system manageable again, she urged patients to stay away unless it was urgent:
“…we are saying to the public, please bear with us… If it’s routine please leave it a day or two.”
She did however acknowledge that patients who were in need of urgent appointments should make their way to surgeries themselves if they find that the phone lines aren’t responsive.
The fear wasn’t completely unfounded as there were warnings that the crisis could spread to other sectors. There was also an “escalating threat” as millions of employees switched their computers on after the weekend of them being off.
Even the head of Britain’s National Cyber Security Centre reiterated the warning. Ciaran Martin noted that many existing infections may not have been detected. He also raised the warning that the infections could have spread within networks.
It didn’t give us much hope as he believed that “the crisis could develop at a significant scale” over the weekend the attack took place.
Malware Tech saves the day
It seemingly came by chance that an anonymous blogger who identifies as “Malware Tech” managed to stop the cyber-attack in its tracks. In simplistic terms, he was identifying what kind of malware the hackers were actually using when he discovered a website hidden within the malware that was unregistered. So he registered the domain to see if it would have any effect, and it remarkably shut the whole thing down as the WannaCry malware was designed to shut down once it received a reply from the domain.
Malware Tech may have saved the NHS millions. However, although the worm had been stopped, IT systems were still breached and the NHS had to ensure they knew the extent of the breach. Thus on the Monday morning, systems were still in limbo.
Many surgeries may have been panicking over that fateful weekend to secure or make cyber-security updates. As Dr Stokes-Lampard stated:
“…in some cases computer systems will have been patched over the weekend but what we are frightened about is everyone logging on and there being a massive drain on the system as every computer is updated.”
The largest NHS Trust in the UK, Barts Health NHS Trust, felt the immediate impact of the cyber-attack on the Friday. Even on Sunday afternoon they were forced to divert patients from the A&E departments.
“Escalating threats” across sectors
The global cyber-attack, now known as the Wanna Decryptor ransomware, is estimated to have affected more than 200,000 victims, including the NHS. As mentioned above, the threat isn’t limited to the healthcare sector, and there were “escalating threats” imminent across other sectors too.
Although it was shut down pretty quickly, let this be a lesson learnt for the NHS and other organisations. Ensure that your systems are up-to-date with the latest security to protect you from these cyber-attacks. This kind of ransomware can search for the vulnerable systems, and unfortunately the NHS was one of the most vulnerable systems out there!
It’s extremely worrying that billions of patient records were at risk. The NHS should now have a long and hard think about what measures they are going to take to prevent this from ever happening again.
IMPORTANT: advice on this page is intended to be up-to-date for the 'first published date'.
Request a call back from our team
Fill out our quick call back form below and we'll contact you when you're ready to talk to us.
All fields marked with an * are required.