Hospitals Across England Go Dark After Massive "Cyber-Attack"; Hackers Demand Ransom

Tyler Durden's picture

Hosptials across the UK have been hit by what appears to be a major, nationwide cyber-attack, resulting in the loss of phonelines and computers, with many hospitals going "dark" and some diverting all but emergency patients elsewhere. At some hospitals patients are being told not to come to A&E with all non-urgent operations cancelled, the BBC reports.

The UK National Health Service said: “We’re aware that a number of trusts that have reported potential issues to the CareCERT team. We believe it to be ransomware.” It added that trusts and hospitals in London, Blackburn, Nottingham, Cumbria and Hertfordshire have been affected and are reporting IT failures, in some cases meaning there is no way of operating phones or computers.

At Lister Hospital in Stevenage, the telephone and computer system has been fully disabled in an attempt to fend off the attack.

NHS England says it is aware of the issue and is looking into it.

According to the Telegraph, doctors across the country have seen this message - what appears to be ransomware - flash up on their screens. The notification demands that $300 worth of bitcoin be sent to a specific address to unlock the infected computer.

One source told Health Service Journal that  multiple trusts had been affected by a suspected malware attack around 1.30pm. They said trusts had their computer systems almost entirely shut down.

East and North Hertfordshire NHS trust said in a statement: “Today the trust has experienced a major IT problem, believed to be caused by a cyber attack.

“The trust is postponing all non-urgent activity for today and is asking people not to come to A&E - please ring NHS111 for urgent medical advice or 999 if it is a life-threatening emergency.

 

“To ensure that all back-up processes and procedures were put in place quickly, the trust declared a major internal incident to make sure that patients already in the trust’s hospitals continued to receive the care they need.”Health officials are understood to have declared a major incident and ordered a meeting of national resilience teams.

 

NHS Digital said: “We’re aware that a number of trusts that have reported potential issues to the CareCERT team. We believe it to be ransomware.”

There are reports that trusts affected include East and North Hertfordshire, North Cumbria, Morecambe Bay hospitals, Blackpool, and Barts Health in London. A number of GP surgeries also say they are also unable to use their systems.

IT specialists are working to resolve the problem as quickly as possible, a statement from the trust says. A GP from a surgery in York said: "We received a call from York CCG [Clinical Commissioning Group] around an hour ago telling us to switch off all of our computers immediately. "We have since remained open, and are dealing with things that can be dealt with in the meanwhile."

Services affected are thought to include picture archiving communication systems for x-ray images, pathology test results, phone and bleep systems and patient administration systems. The source added: “This will mean delays and a focus on the sickest patients. I’ve seen it once before and we relied on local trusts supporting each other. If truly widespread then that’ll not be an option.”

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.
InjectTheVenom's picture

Russians to get the blame in 

3 .... 2 .... 1  .  .  .  .

RAT005's picture

After the hospital pays the ransom, send them another Adjusted bill.

Ahmeexnal's picture

This time the CIA used a tool with inserted "chinese state evidence" coding strings.

NoDebt's picture

I'm tellin' ya, this whole internet thing?  It was a bad idea.

 

AltRight Girl's picture

Some are deperate to stack Bitcoins as becomes more and more attractive, and soon might go mainstream.

As Bitcoin Surges over $1,800, Fed Official Admits Blockchain Value


Slurm's picture

Really? A whole $300?

 

LOL this isn't news. Send the $300 ASAP and it'll be over in 30 minutes.

 

Instead they'll spend the whole day with IT making them restore backups, which will cost thousands of dollars in OT.

 

BTW, it's a standard ransomeware 'attack'. They hit emails not specific facilities, if they did, the ransom would be 100,000. 

poeg's picture

Usually arrives in a docx to HR. If they know their targets, it's to an OSX device which won't detect it with a FW request for HR who pops it knowing the person who FW to them. Seen this a number of times. Now they're using Facebook to identify target relationships within companies and spoofing addy, even stationary, for that personal touch.

 

Oh and the ransome does match the target. Seen 1.4K to 200+K CDN as the figure with the standard 7 day window.

Infnordz's picture

And the main sex in HR are females, probably less technically literate, and probably r-type, so the people with probably some of the worst security judgement!

 

As soon as I became aware of email attachment exploits, years ago, I added a first email receipt rule to redirect all emails with attachments to my junk folder (with tight viewing security restrictions), so that I can look for header/body clues before I decide between sandbox checking them or deleting them.

I now regard any business sending attachments to me as security clueless idiots, text should be in the body of the email and anything more complex should be provided at link to, secure, on-line storage.

 

jaxville's picture

  Some people and/or organizations should not be allowed to have computers.  What a disgraceful display of incompetence.

A Nanny Moose's picture

What if your wallet/walletID gets encrypted?

kw2012's picture

You can blame Al Gore for that. He invented it!

lasvegaspersona's picture

Fortunately most electronic medical records contain very little useful info and are mostly cut n paste of the day before.

The docs brain is where the useful information resides.

I refused to go EMR and my paper charts are ...yup...still there.....

Hikikomori's picture

Agree 100%.  I worked in a busy emergency department that lost all phone communications one night, in the late '80s.  We had paper charts, film X-rays, and paper lab slips.  Everything worked smoothly except for having to call the police (via hand held radio, which the security guards had) to wake up two surgeons at home who were needed to come in to perform operations.

It's also impossible to hack medical records by the thousands when they are paper.

847328_3527's picture

Soweeto bin Bama forced EMR's (electronic med records) on every doctor. Recent research shows a normal docotr spends 52% oif his working day doing paperwork and completing the medical records instead of pateint care.

 

The conclusion was that there's a soaring burnout rate since most docs went into medicine to see patients, operate, etc and NOT do paperwork for the government and ins companies.

Second, there's a deterioration in patient care since at least 40% of the time the docotr is doing his EMR instead of looking at, examing or actually talking to the patient.

MD Anderson reports s serious drop in reveneue due to the cost of keeping medical recrods. I think they said 55%. It may be another reason why they do NOT accept Obamacare at thre world famous cancer hospital. Doctors don't want to spend their precious time filling in gubmint/insurancce forms all day!

 

Trump should cut taxes for the middle class and nix the EMR completely.

forestgump227's picture

That only happens in the (((United States)))

Jim Sampson's picture

Oh noes...  and I just sold all of my physical to buy Bitcoin!

 

/s

3LockBox's picture

Ransom demands in BTC?

Going after the sick and elderly?

What will be the reaction for the majority of the plebs who can't spell bitcoin...

This can't be good for the cryptos.

 

in4mayshun's picture

Sounds like their IT staff needs to be fired- poorly planned architecture.

peddling-fiction's picture

Hospitals insist on using MS Windows for their "terminals".

Many propietary medical systems also run on MS.

<chuckle>

buzzkillb's picture

Not sure how the UK works, but the US has quite a bit of medical related stuff tied directly to the internet. The smaller places are sitting ducks here, because of being stubborn about protecting their internet connections. Though, it really depends where the ransomware originates from. Is this from someone browsing random internet, or browsing govt medical site? Possibly related to the massive wordpress hacking going on over the last couple of weeks?

Reminds me to buy yet another backup for my business.

Miskondukt's picture

You forgot to mention that he personally informed you of this while you guys snaptime'd prior to him paying you your spy services fee via venmo...all while you are [magically] eluding the all so competent NSA/CIA/FBI spying on smart phones

E.F. Mutton's picture

So patients in the NHS can't get care?  This is different from any other day how...?

OTOH, If Boris Alotovkrap starts posting from the Caymans...

shovelhead's picture

Expanding beyond the confines of copper mining?

J Jason Djfmam's picture

No, it's some fat guy living in his mom's basement.

blue51's picture

English false flags , are spaghetti western quality .

smacker's picture

Dunno about that. 7/7 tube trains was a pretty good false flag. Not on the scale of 9/11 but ,,,

Philo Beddoe's picture

Pay only in Bitcoin. That is what criminals use these days folks. Better outlaw that. Printing presses are still ok until further notice. 

Bunga Bunga's picture

WTF, they also offer "Check Payment". Better outlaw banks too.

RagaMuffin's picture

Nationalize health care......make the world safe for ransomeware     \S

WillyGroper's picture

trusts...ha

misix can't kill us off fast enuf.

. . . _ _ _ . . .'s picture

Was one of the administrators browsing porn?

order66's picture

Should be good justification for sanctions and a few drone strikes.

mily's picture

MI5/MI6 need some extra funds to plug the whole in their budgets?

Urban Redneck's picture

NHS is almost all digital, no paper charts on the patients' doors, that sort of makes it IMPOSSIBLE to provide treatment for the seriously ill ALREADY in the system.  They're not exactly Roadrunner fast when it comes to getting diagnostic and test data in the first place, so if doctors and nurses don't even have access to existing data, that's a HUGE issue for anyone already stuck in the NHS hellhole.

So of course the Orwellian ass clowns shift the focus to the incoming and pretend this is a minor issue for THOSE people. 

The Press and Politicians should be statutorily stripped of the basic human right to life until they get their act together.

HowdyDoody's picture

NHS IT infrastructure is outsourced as part of the process of piratization.

Urban Redneck's picture

Whether the infrastructure and operational management of it is outsourced, or done in house is irrelevant.  

I outsourced lots of shit when I worked for a big bank (as well as a fair amount of consolidation) - I.WAS.RESPONSIBLE for "it" regardless of where and how I chose to run "it". 

NHS management is responsible for those decisions, as well as having backup procedures in place for basic emergency services.  If NHS management weren't suck brainless dickless wankers they might have been more effective in standing up to Parliament over budget cuts, perhaps management was offered some gold colored fixtures in the NHS executive washroom to buy off anyone with an IQ above room temperature... 

 

shovelhead's picture

Just give everyone in the hospital barbiturates and keep em quiet until they get it fixed.

No problem.

Urban Redneck's picture

I have observed the over prescription of painkillers almost as placebo to be standard practice in US hospitals already.  Pain is the body's way of saying something is wrong and needs to be fixed.  My experience with the UK is limited to more serious stuff, due to a smaller circle of friends/acquaintances, and the fact that no one comes to the abrasive American asshole with their personal medical problems unless they are really close friends or it's really serious and life threatening.

chiaroscuro's picture

All this trouble and much more could be averted with a return to simple, elegant pen and paper.

Urban Redneck's picture

And some xerox machines to backup the pen & paper (that carbonless shit faces over time and tears easily)... perhaps that could provide jobs for some of those "it specialists" since they really are just egotistical glorified and overpaid "repair men"  -  who never learned the difference between taking pride in your work, and taking it too far.

What's weird is that my handwriting is as bad as a doctor's, and everyone knows how bad my typing is... so there has to be a MOUNTAIN of evidence now of people checking the "wrong" box... nothing but food/fees for the lawyers and food/outrage for the politicians,  people are being put through hell now in order to provide basic sustenance for lower life forms.  

chiaroscuro's picture

Poor handwriting or not, I don’t believe electronic medical records arose out of concerns for patient safety. And the push for them didn’t come from doctors, nurses or patients. I suspect it started when the corporations that created EMRs grew weary of wooing the healthcare industry and decided their new product wasn’t making money fast enough consensually. So they teamed up with government muscle which naturally couldn’t pass up an opportunity for more regulation and prying into people’s private lives. That, in my opinion, is how we got screwed.

 

. . . _ _ _ . . .'s picture

Is that an XP window?

"...varias organizaciones que se ha llevado a cabo aprovechando una vulnerabilidad en Windows."

Probably.