NHS IT provider suffers severe ransomware attack

Advanced, the provider of digital services like patient registration and NHS 111, has suffered a cyberattack that could take up to four weeks to resolve.

The NHS 111 call-handling service was left to ‘work on paper’ after IT systems failed, according to a letter from NHS England to London GPs seen by the industry magazine Impulse.

The attack had wide-ranging implications, affecting the system used to dispatch ambulances, book out-of-hours appointments and issue emergency prescriptions and severely affecting response times across the four Kingdom countries. -United.

The Birmingham-based company says it first spotted the hack at 07:00 BST on August 4 and immediately took action to contain the hackers. The Welsh Ambulance Service was one of the first to report a ‘major breakdown’ in the system used to refer 111 patients to out-of-hours GPs.

“We rebuild and restore impacted systems in a separate, secure environment,” said a statement from Advanced.

The NHS insists the disruption is minimal, but Advanced would not say whether NHS data was stolen or whether the company engaged in negotiations with hackers or agreed to pay a ransom. In the meantime, the The public was encouraged to continue to use 111 online or by phone, but were warned that calls could take longer to answer.

“While Advanced has confirmed that the incident affecting its software is ransomware, the NHS has tried and tested contingency plans in place, including robust defenses to protect our own networks, as we work with the National Cyber ​​Security Center to fully understand the impact,” an NHS England spokesperson said.

Although Advanced said it was working “tirelessly” to resolve the issues, the company confirmed that it could take an additional three to four weeks to bring some systems back to full performance.

Some of the products affected include Adastra, which is used by the NHS 111 service, and Caresys and Carenotes, which provide the backbone of care home services like patient notes and visitor booking. An NHS psychiatrist, who wished to remain anonymous, told the BBC the attack left his team “to make almost blind clinical decisions”.

“If a new patient came to see us, we weren’t able to read their story or find out much about them,” he said.“We were told to be ready for it not to be operational for who knows how long.”

The National Cybersecurity Center, part of GCHQ, confirmed it was working with Advanced to help it recover and stressed the importance of having defenses and contingency plans for ransomware attacks, whose number has increased considerably over the past two years.

“Ransomware is the number one cyber threat facing the UK,” a spokesperson said.

Five years ago, the WannaCry cyberattack severely disrupted UK health services, leaving the NHS with a bill of almost £100million. Last year, the perpetrators of the attack turned out to be North Korean hackers.

Sign up for the E&T News email to get great stories like this delivered to your inbox every day.