Could our hospitals be crippled by cyber crime?

ABCIPI looks at the threat to medical services posed by Cyber crime.


The answer is yes, some already have been.

In May 2017 Andrew Griffin writing for The Independent newspaper, in the UK reported on dozens of hospital trusts across the country that had been left devastated after been hit by a huge cyber attack that had plunged the NHS into chaos.


It appeared that the IT systems had frozen and would not respond. As a result all emergency patients were diverted to other areas, although many hospitals across England and in Scotland had been affected.


The NHS had been just one victim of the massive attack that spread worldwide to infect computers in seventy-four countries in Asia and in Europe. At the same time, US firm Fedex made an announcement that its operations in the US had also been affected. Russia's emergencies and interior ministries, and the country's largest bank, Sberbank, also reported being targeted.


The hack appeared to have been an example of ransomware where malicious hackers had broken into computers and would only allow system owners back in after they had paid a ‘ransom’.


Typically a message showing on computers told the user that they could recover their files but only if they sent $300 in bitcoins to an address given.


That price would then start to go up until it was paid and if no payment was received then the files, the hackers warned, would be deleted.


The NHS trusts reported that their IT systems had to be shut down to protect them.

With all systems offline the hospitals could not take any take any incoming calls.

Appointments were cancelled, ambulances had to be diverted and some departments had to shut completely. Staff were left to try and cope and had to work with pen and paper as they had no access to any of the hospital digital files.


The Prime Minister, Theresa May and the first minister of Scotland, Nicola Sturgeon, had crisis meetings on the issue, attempting to stem the effects.


The attack turned out to be a new strain of a well-known ransomware known as Wanna Decryptor. It had been updated on the day of the attack and spread around the globe immediately, security experts discovered.


Griifin reported a conversation that circulated online and saw one doctor saying:


"Our hospital is down. We got a message saying your computers are now under their control and pay a certain amount of money and now everything is gone.”


It was not the first time that the NHS has been hit by such an attack although this had been by far the worst, according to experts said, and paralyzing an unprecedented number of hospitals and trusts.


In fact, Griffin reports, the attack came quite soon after a report had been published in the British Medical Journal in which neurologist Dr Krishna Chinthapalli warned hospitals that they were at risk of an attack.

"We should be prepared: more hospitals will almost certainly be shut down by ransomware this year," he wrote.


He had warned literally hours before the attack began that IT departments needed to do more to keep hospitals safe, and that such hacks – which had already hit some hospitals in the US – were a problem waiting to happen.

However, the new attack was the worst that had ever been seen and he said.

"I've never heard about a ransomware attack being so widespread - affecting so many hospitals across such a wide area. There have been many isolated attacks but this is the first to be so coordinated - a number of attacks in different parts of the country.

"We have not seen this either here or in other countries - such as America."

NHS trusts were also asking people not to come to A&E, but instead to ring 111, or 999 in case of emergency. To ensure that all back-up processes and procedures were put in place quickly, East and North Hertfordshire NHS trust declared a major internal incident to make sure that patients already in the trust’s hospitals continued to receive the care they need," a spokesperson said.

Other trusts stressed that some of the problems were being caused by protective measures, rather than the cyber attack itself.”

"Following a suspected national cyber attack we are taking all precautionary measures possible to protect our local NHS systems and services," NHS Merseyside said on Twitter.


The incident highlighted the risk to data security within the modern health service and reinforced the need for cyber security to be at the heart of government planning. The digital revolution has transformed the way we live and work but we have to be ready for the vulnerabilities it brings too.


The problems around this attack were widespread across the world, as the Wanna Decryptor malware spread like wild fire, over the Internet.


At ABCIPI we followed this case with interest because more and more frequently we are being called in on cases like this. There is a very clear and present danger from ever more dangerous cyber attacks. There is the possibility that our medical system or medical systems anywhere in the world could be completely paralysed and millions of patients affected, if more sophisticated cyber attacks strike.


We have been at the forefront of those arming themselves with the knowledge and skill to counter these attacks and work closely with large institutions of all types to try and guard against infiltration by this type of cyber criminal. We can advise on measures to take to minimize the risk of this type of attack and help you to recover from an attack if the worst happens.


Contact us if you need any advice in this area.