London doctor warned against UK health service cyber hack

An doctor based in London had warned against the cyber-hack of the NHS just days before it crippled the country's network.

Krishna Chinthapalli, a neurology registrar at the National Hospital for Neurology and Neurosurgery in London, had said an increasing number of hospitals could be shut down by ransomeware attacks in an article on the vulnerability of the NHS network in the British Medical Journal on Wednesday (10), two days before the major cyber hack of the National Health Service (NHS) system on Friday (12).

He had highlighted an incident at Papworth Hospital near Cambridge where a nurse clicked on a malicious link and malware infected her computer and started to encrypt sensitive files.

"Fortunately, the hospital's daily data backup had just been completed. The IT director admitted that they were very lucky, saying, Timing absolutely was everything for us," Chinthapalli wrote.

"We should be prepared: more hospitals will almost certainly be shut down by ransomware this year," he wrote.

The revelation came as the home secretary Amber Rudd confirmed today that as many as 48 NHS trusts had been affected by the large-scale cyber-hack by an international criminal gang wreaked havoc around the country.

After chairing an emergency meeting of the COBRA committee, Rudd said that all but 6 trusts were now back to normal.

Confirming that 97 per cent of hospitals were "back to normal", she said, "This is a virus that attacked Windows platforms. The fact is the NHS has fallen victim to this."

The Liberal Democrat and Labour parties have both demanded an inquiry into the cyber-attack.

Patients of the state-funded country-wide service are still facing days of chaos as appointments and surgeries were cancelled after NHS organisations from London to Scotland were hit in the "ransomware" attack yesterday.

NHS Digital said the impact of the cyberattack could continue.

"The situation is changing and impacting organisations in a range of different ways," a spokesperson said.

Ciaran Martin, who leads the UKs National Cyber Security Centre, said his team was doing everything in their power to get "vital services" back up and running.

"We are very aware that attacks on critical services such as the NHS have a massive impact on individuals and their families, and we are doing everything in our power to help them restore these vital services," he said.

"Its important to understand that cyber attacks can be different from other forms of crime in that their sometimes highly technical and anonymous nature means it can take some time to understand how it worked, who was behind it and what the impact is," he told the BBC.

Critically ill patients are being diverted to unaffected hospitals as computer systems failed in A&E units and doctors were locked out of test results, X-rays and patient records.

NHS England said patients needing emergency treatment should go to Accidents & Emergency (A&E) or access emergency services as they normally would.

However, there have been some reports of ambulances being diverted from affected hospitals and individual NHS trusts have asked registered patients not to attend unless it is urgent.

Londons Barts Health NHS Trust, the largest trust in the UK, cancelled all outpatient appointments at its five hospitals today.

The NHS has not been affected in Wales and Northern Ireland.

The assault is part of an attack that has affected organisations in more than 70 countries, including the United States, China, Russia and Spain, disrupting power and telephone companies.

Gangs are thought to have used tools stolen from US spies and dumped online by hackers linked to Russia.

"This is not targeted at the NHS, its an international attack and a number of countries and organisations have been affected," prime minister Theresa May said.

"The National Cyber Security Centre is working closely with NHS Digital to ensure they support the organisations concerned and that they protect patient safety. We are not aware of any evidence that patient data has been compromised," she said.

The attack came after warnings of NHS vulnerability, with cybersecurity allegedly neglected despite a series of attempted hacks.

Ransomware programmes, which are sent by email and spread swiftly, can be bought on the dark web with sellers negotiating a percentage of the takings.

"We will be advising NHS trusts to modernise their platforms," home secretary Amber Rudd said.

The malware used in the NHS attack is called WannaCry and attacks Windows operating systems.

It encrypts files on a users computer, blocking them from view, before demanding money, via an on-screen message, to access them again.

The demand is for a payment of $300 in virtual currency Bitcoin to unlock the files.

The virus is usually covertly installed on to computers by hiding within emails containing links, which users are tricked into opening.

A German ticket machine, a university laboratory in Italy and a number of Spanish firms - including telecoms giant Telefonica, power firm Iberdrola and utility provider Gas Natural - are among those hit by the outbreak.

Portugal Telecom, delivery company FedEx, a Swedish local authority and Megafon, the second largest mobile phone network in Russia, also said they had been affected.