According to Home Secretary Amber Rudd, the NHS IT systems that were targeted by a global cyber attack yesterday have now almost entirely been brought back to normal. Giving a statement after convening a meeting of Cobra, the crisis response committee, she said 97 per cent of Britain’s health service trusts are now “working as normal”.
According to her, the number of health service trusts in England hit by yesterday’s attack were 48 of 248, which is around one in five. Currently, all but six of those are now functioning normally. She said:
The response has in fact been very good. We think we have the right preparedness in place and also the right plans going forward over the next few days to ensure that we limit its impact going forward.
Speaking to the BBC, Rudd also said that she expects NHS trusts to “learn from the cyber attack and upgrade its systems.”
As covered yesterday, there was no evidence to suggest that the health data of any patient was compromised. Then cyber attack was carried out using ransomware, a type of software which takes over files until the company or individual pays a ransom. No information about the attackers has been released.
The attack that hit the health service was part of a much wider cyber assault that has spread to several thousands of computers across 99 countries in public sector organizations and private companies, including global postage group FedEx and Telefonica in Spain. According to researchers from Avast, Russia, Ukraine and Taiwan were the top targets.
The hacking tool, a new strain of “WannaCry” ransomware, is believed to have been developed by the US National Security Agency. It works by encrypting data on the systems hit and reportedly demands payments of between $300 (£230) to $600 in order to access computer files again. According to several reports, the hackers have demanded the ransom to be paid in bitcoin. Creighton Magid, partner at the international law firm Dorsey and Whitney, said:
The cyber-attack, using a ransomware bug known as WannaCry, appears to have used an NSA exploit known as “Eternal Blue” that was disclosed on the web by Shadow Brokers. Microsoft released a patch earlier this year to address the vulnerability, but it appears that a number of hospitals and other users have not applied the patch. Like the DDOS attack last October, this attack shows that interconnected devices and systems are vulnerable to attack by nations, non-state actors and just plain crooks.