Cyber Attack On NHS Software Services

British NHS 111 medical staff nationwide were left using pens and paper after a major cyber attack was carried out over the weekend. People seeking medical help via the service are being warned of delays due to a “major” computer system outage caused by the attack which affected the phone service and referrals to out-of-hours GPs.

The system was shut down by hackers thought to be linked to a hostile state and cyber crime experts have been drafted in to investigate.

Advanced, a firm providing digital services for NHS 111, said the attack was spotted at 07:00 on Thursday 4th August. The attack targeted the system used to refer patients for care, including ambulances being dispatched, out-of-hour appointment bookings and emergency prescriptions.

The British National Crime Agency said it was "aware of a cyber incident" and was working with Advanced. "A security issue was identified yesterday, which resulted in a loss of service. We can confirm that the incident is related to a cyber attack and as a precaution, we immediately isolated all our health and care environments. Early intervention from our Incident Response Team contained this issue to a small number of servers representing 2% of our Health & Care infrastructure." an Advanced spokesman said

Advanced suggested the issue might not be fully resolved until next week and family doctors in London were warned by NHS England they could see an increased number of patients sent to them by NHS 111 due to the severe technical issue. It said a letter to GPs in the capital stated the problem was affecting the electronic referral process for patients.

Officials believe the fallout will last until Tuesday at the earliest, with the public told there will be delays when ringing the hotline.

It’s feared disruption could drive patients to overstretched accident and emergency departments over the weekend. An NHS England spokesperson said there was currently minimal disruption, and it was monitoring the situation. "NHS 111 services are still available for patients who are unwell, but if it is an emergency please call 999," they said.  

  • The Isle of Wight NHS Trust declared a critical incident in response to ‘sustained pressure’ on its A&E services. 
  • The Welsh Ambulance Service warned it may take longer for calls to be answered over the weekend. It said: "There is a major outage of a computer system that is used to refer patients from NHS 111 Wales to out-of-hours GP providers.
  • A Scottish Government spokesperson said it was aware of reported disruption to one of NHS Scotland's IT suppliers' systems and is "working with all health boards collaboratively on a four nations basis with the National Cyber Security Centre and the supplier to fully understand potential impact".
  • A spokesperson for Northern Ireland's Department of Health said they are working to keep disruption to a minimum. "As a precaution, to avoid risk to other critical systems and services, access to the company's services from the HSC (Health and Social Care system) has been disabled, while the incident is contained," they said.

Commenting on the attack Ross Brewer of enterprise cyber security platform AttackIQ said, ‘’This latest breach bringing the NHS 111 service to its knees is yet another example of an IT supplier being used to gain access in order to bring down critical national infrastructure...  While the specific details in this case are still developing, typically compromises of suppliers are used as an entry point to gain access to the target organisation or the service a supplier may be running on their behalf."

Regardless of the entry point, organisations should have protection and detection mechanisms to stop such intrusions developing into a catastrophic service failure, according to Brewer.

"In the case of cloud services hosted by the third party suppliers, the provider should have similar protections. To often not enough testing of people, processes and technology is taking place to validate an organisation’s cyber security readiness." he added.

An NHS spokesperson said “There is currently minimal disruption, and the NHS will continue to monitor the situation as it works with Advanced to resolve their software system as quickly as possible, tried and tested contingency plans are in place for local areas who use this service.”    

 Pulse Today:     HSToday:     BBC:    Guardian:     Independent:     Metro:   STV:     LBC: 

You Might Also Read: 

Ireland’s Health Service Won't Pay Ransom:
 

« AI Driven Anomaly Detection In The Oil & Gas Industry
Taiwan's Government Websites Attacked Just Before Pelosi’s Visit »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

Centre for International Governance Innovation (CIGI)

Centre for International Governance Innovation (CIGI)

CIGI research areas include Conflict Management & Security which encompass cyber security and cyber warfare.

GovCERT.CZ

GovCERT.CZ

GovCERT.CZ is the Government Computer Emergency Response Team of the Czech Republic.

TSUNAMI

TSUNAMI

The TSUNAMi center focuses on software and system security and how trustworthy software can be built from COTS software components.

WireX Systems

WireX Systems

WireX is an innovative network intelligence and forensics company that is changing the way businesses resolve cyber-attacks.

Kivu Consulting

Kivu Consulting

Kivu Consulting combines technical and legal expertise to deliver data breach response, investigative, discovery and forensic solutions worldwide.

Solidified

Solidified

Solidified is the largest audit platform for smart contracts. Our community has the highest concentration of top Blockchain security specialists and best-in-class code auditors.

PixelPlex

PixelPlex

PixelPlex is a blockchain and custom software development company with offices and developers in New York, Geneva, and Seoul.

DataPassports

DataPassports

DataPassports is a data-centric security and privacy solution that enforces privacy and security from end-to-end with transparent protection of data at the source.

Evolution Equity Partners

Evolution Equity Partners

Evolution Equity Partners is an international venture capital investor partnering with exceptional entrepreneurs to develop market leading cyber-security and enterprise software companies.

Nassec

Nassec

Nassec is a Cyber Security firm dedicated to providing the best vulnerability management solutions. We offer tailor-made cyber security solutions based upon your requirements and nature of business.

iSPIRAL IT Solutions

iSPIRAL IT Solutions

iSPIRAL is a leading regulatory technology software provider delivering state-of-art AML, KYC, Risk and Compliance solutions.

NASK

NASK

NASK is a National Research Institute under the supervision of the Chancellery of the Prime Minister of Poland. Our key activities involve ensuring security online.

Digital Catapult

Digital Catapult

Digital Catapult is the UK authority on advanced digital technology. We bring out the best in business by accelerating new possibilities with advanced digital technologies.

Liquis Inc.

Liquis Inc.

Liquis, founded in 2002, is one of the largest facility decommissioning services companies in the U.S.

Infima Cybersecurity

Infima Cybersecurity

INFIMA tackle the hard parts of managing your Security Awareness Training program so you can focus elsewhere.

StrongDM

StrongDM

StrongDM is the leader in Zero Trust Privileged Access Management (PAM).