NHS hospitals plunged into chaos by major cyber attack

NHS hospitals have been forced to divert emergency ambulances and cancel operations after their computer systems were hit by a massive cyber attack.

Hospitals and GP surgeries in England and Scotland were among 16 health service organisations hit by a ransomware attack, using malware called Wanna Decryptor.

Staff were forced to revert to pen and paper and use their own mobiles after the attack affected key systems, including telephones.

Pictures posted on social media showed screens of NHS computers with images demanding payment of 300 US dollars worth of the online currency Bitcoin, threatening to delete files within seven days.

A spokesman for NHS Digital spokesman, which manages health service cyber security, said: "At this stage we do not have any evidence that patient data has been accessed.

"We will continue to work with affected organisations to confirm this."

He added the attack "was not specifically targeted at the NHS and is affecting organisations from across a range of sectors".

The attack came as several companies in Spain were hit by ransomware attacks. Telecoms firm Telefonica was one of those reporting problems.

English hospitals and clinical commissioning groups (CCGs) in London, Blackpool, Hertfordshire and Derbyshire were among those to report problems.

In Scotland NHS Greater Glasgow and Clyde, NHS Dumfries and Galloway and NHS Forth Valley said some of their GP surgeries have been caught up in the incident.

NHS Lanarkshire and NHS Western Isles also confirmed they have been affected.

First Minister Nicola Sturgeon is to chair a resilience meeting on the issue.

St Barts Health NHS Trust, which runs The Royal London, St Bartholomew's, Whipps Cross and Newham hospitals in London, said it had implemented its major incident plan to cope with disruption.

It was hit by a previous ransomware attack in January.

At the Royal London Hospital operations were cancelled and staff were ordered not to touch their computers.

Wheelchair-bound Richard harvey, 50, told how he was forced to leave his ward after a procedure on hip injuries sustained in a motorcycle accident three years ago was postponed.

Mr Harvey, who spent all day fasting ahead of surgery, told the Press Association a nurse told him at 4.50pm, adding: "I was very disappointed, I had been waiting all day.

"I was very nervous, I am quite a nervous person when it comes to things like this, I was quite disappointed and hungry.

"I would like them to come up a bit earlier and say it has been cancelled, I could have had something to drink a lot earlier."

A Barts spokesman said it was experiencing "major IT disruption" and delays at all four of its hospitals.

He added: "We are very sorry that we have to cancel routine appointments, and would ask members of the public to use other NHS services wherever possible.

"Ambulances are being diverted to neighbouring hospitals."

United Lincolnshire Hospitals NHS Trust said it was cancelling all outpatient, endoscopy, cardiology and radiology weekend appointments because of the attack, which had affected Lincoln County Hospital, Pilgrim Hospital and Grantham Hospital.

Mark Brassington, its chief operating officer, said: "We will be diverting some emergency cases to local hospitals which are not affected by the attack, where possible.

"We ask patients to only come to our A&Es if absolutely necessary.

Wanna Decryptor is a piece of malicious software that encrypts files on a user's computer, blocking them from view and threatening to delete them unless a payment is made.

The virus is usually covertly installed on to computers by being hidden within innocent-looking emails containing links, which users are tricked into opening.

Pictures on Twitter showed computers with messages saying: "Ooops, your files have been encrypted!"

"Maybe you are looking for a way to recover your files, but do not waste your time."

The National Cyber Security Centre (NCSC) said it was aware of a "cyber incident" and was working with NHS Digital and the National Crime Agency to investigate.

Security chiefs and ministers have repeatedly highlighted the threat to Britain's critical infrastructure and economy from cyber attacks.

Last year the Government established the NCSC to spearhead the country's defences.

In the three months after the centre was launched there were 188 "high-level" attacks as well as countless lower-level incidents.

Chancellor Philip Hammond disclosed in February that the NCSC had blocked 34,550 potential attacks targeting UK Government departments and members of the public in six months.

Dr Anne Rainsberry, NHS Incident Director, said: We'd like to reassure patients that if they need the NHS and it's an emergency that they should visit A&E or access emergency services in the same way as they normally would and staff will ensure they get the care they need.

More widely we ask people to use the NHS wisely while we deal with this major incident which is still ongoing.

NHS Digital are investigating the incident and across the NHS we have tried and tested contingency plans to ensure we are able to keep the NHS open for business.''