Major services at UK health system knocked offline by computer virus
Northern Lincolnshire and Goole NHS Foundation Trust diverted its major trauma patients and cancelled all planned operations on Sunday, following what was cited as a 'virus outbreak,' according to Krebs on Security.
While NHS didn't name the exact virus that hit its system, it was likely a ransomware due to the severity of the incident.
"We have taken the decision, following expert advice, to shut down the majority of our systems so we can isolate and destroy it," the NHS said on its site. "All planned operations, outpatient appointments and diagnostic procedures have been cancelled for Wednesday, Nov. 2 with a small number of exceptions."
The health system continued to see inpatients, including appointments for audiology, pediatrics and chemotherapy, among others. However, more severe cases, like women in labor, were sent to neighboring hospitals.
As of today, the majority of NHS' electronic systems were online and functioning, according to the health system's website.
"The worst time to create an incident response plan is during an incident," Tim Erlin, senior director, IT security and risk strategy for Tripwire, a provider of IT security software, said in a statement. At this point, there can be little doubt that cyberattacks can impact human safety. We're no long talking about protecting data, or credit card theft alone."
"Hospitals and other medical facilities need to recognize the impact that these incidents can have on their operational status, and take proactive measures to implement foundational controls for information security," he continued. "Implementing basic controls for systems that affect patient care needs to be as standard as sterilizing equipment."
The hack preceded the launch of the UK's five-year National Cyber Security Strategy on Tuesday, which will fund billions in cybersecurity spending and special police units focused on organized online cybercriminal groups.