Cyber-attack that hit NHS sparks bitter political battle over health spending

13 May

The cyber-attack that crippled NHS systems and forced operations to be cancelled throughout the UK on Saturday has become a bitterly contested election issue, with Labour and the Liberal Democrats blaming the crisis on the government’s failure to upgrade hospital computers.

A Cobra emergency ministerial meeting held on Saturday afternoon heard that 48 NHS organisations – a fifth of the total – were caught up in the attack, which spread to 99 countries.

Shadow health secretary Jonathan Ashworth wrote to health secretary Jeremy Hunt saying that concerns had been repeatedly raised about the NHS’s outdated computers. Labour leader Jeremy Corbyn expressed anger that the government had not renewed a multimillion-pound security package.

“In 2014, there was a one-year renewal of the protection system on the NHS systems which was not renewed and so systems are now not upgraded and not protected,” Corbyn said. “As a result, we’ve got this dreadful situation.”

The Lib Dems demanded an inquiry into why the Conservatives had cut cyber-security support a year ago when it axed the £5.5m deal with Microsoft. “We need to get to the bottom of why the government thought cyber-attacks were not a risk, when a combination of warnings and plain common sense should have told ministers that there is a growing and dangerous threat to our cyber-security,” said the Lib Dem shadow home secretary Brian Paddick.

“It is worrying that in Amber Rudd we have a home secretary in the digital age more suited to the era of analogue. This is not the first time she has looked lost in cyberspace. The government likes to look tough, but this is an example of where it has left Britain defenceless.”

But speaking in Northern Ireland, the prime minister sought to emphasise the global nature of the attack. “This cyber-attack that has taken place has affected organisations here in the UK but in many countries around the world as well,” Theresa May said. “Europol has said that it is unprecedented in terms of the scale. The National Cyber Security Centre is working with all organisations here in the UK that have been affected and that’s very important.”



Worldwide ransomware attack hits NHS hospitals

Rudd said that all but six of the NHS trust IT systems that had been hit in the attack were able to function again and dismissed claims that the government was not taking cybersecurity seriously enough.

“This government has long recognised the growing threat of cyber-attack from those who wish to do us harm and has invested significantly to bolster our cyber-defences,” she said.

However, NHS staff painted a picture of chaos at some trusts, as failed computer systems brought electronic communication to a standstill.

Barts, the biggest trust in the NHS, was one of those hit the hardest. On Saturday ambulances were being directed away from the three A&E units it runs at Newham, Whipps Cross and the Royal London hospital. The trust has also had to postpone an undisclosed number of non-urgent operations due this weekend, mainly hip and knee replacements.

Porters were having to take x-rays and CT scans by hand to doctors, resulting in some patients experiencing delays in their diagnosis.

The University Hospitals of the North Midlands trust, which runs hospitals in Stoke and Stafford, said the cyber-attack had resulted in only “minimal impact on clinical services”, but was nonetheless asking patients not to come to its A&E units unless absolutely necessary.

The British Medical Association said some doctors had to “resort to pen and paper” instead of updating patient records digitally.

Dr Mark Porter, BMA council chairman, said: “This cyber-attack on NHS information systems is extremely worrying for patients and the doctors treating them. There have been reports of hospital doctors and GPs unable to access patients’ medical records, appointment booking systems and in some cases having to resort to pen and paper.”

Jan Filochowski, who ran six trusts including Great Ormond Street children’s hospital in London, said: “Most of the NHS IT system is out of date. It’s been behind the curve in terms of investment in IT for years. But there’s a real problem in replacing it because the costs are enormous and it would involve major capital expenditure from the Treasury and that has been deeply constrained [in recent years] during the resource squeeze in the NHS. To give the NHS the modern IT system it so desperately needs would cost hundreds of millions, and probably billions, and it would take years to do, given the complexity involved.”

Cybersecurity experts say the attacks, launched through a virus called Wanna Decryptor, exploits a vulnerability in Microsoft Windows software that was first identified by the US National Security Agency, which built a specialist hacking tool to exploit it.

The tool was leaked onto the web earlier this year when hackers dumped a cache of NSA files. In March Microsoft issued a special patch to protect Windows users. But only those who uploaded it were protected from the ransomware attack, in which hackers demanded payment in return for unlocking their victims’ computers.

No comments yet

Leave a Reply