This article is from the source 'guardian' and was first published or seen on . It last changed over 40 days ago and won't be checked again for changes.
You can find the current article at its original source at https://www.theguardian.com/society/live/2017/may/12/england-hospitals-cyber-attack-nhs-live-updates
The article has changed 42 times. There is an RSS feed of changes available.
Previous version
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
Next version
| Version 35 | Version 36 |
|---|---|
| Cyber-attack: 48 NHS trusts hit by ransomware, says UK home secretary – live | Cyber-attack: 48 NHS trusts hit by ransomware, says UK home secretary – live |
| (35 minutes later) | |
| 5.04pm BST | |
| 17:04 | |
| NHS Digital says disruption to last for days | |
| The aftermath of the cyber attack that affected 48 NHS bodies is likely to last for several days, with six still suffering disruption on Saturday. | |
| NHS Digital said engineers are working “around the clock” to fix the problem. “We are aware some bodies, which range from practices to trusts, may have suspended selected systems purely as a precautionary measure,” a spokesman said. | |
| “We are aware of widespread speculation about the use of Microsoft Windows XP by NHS organisations, who commission IT systems locally depending on population need. While the vast majority are running contemporary systems, we can confirm that the number of devices within the NHS that reportedly use XP has fallen to 4.7%, with this figure continuing to decrease. | |
| “This may be because some expensive hardware (such as MRI scanners) cannot be updated immediately, and in such instances organisations will take steps to mitigate any risk, such as by isolating the device from the main network.” | |
| 4.46pm BST | |
| 16:46 | |
| More from Amber Rudd. Amid suggestions outdated software left some NHS systems vulnerable, the home secretary said it is important to remember that it was not the health service alone that has been affected. | |
| “If you look at who’s been impacted by this virus, it’s a huge variety across different industries and across international governments. This is a virus that attacked Windows platforms. The fact is the NHS has fallen victim to this,” Rudd said. | |
| “I don’t think it’s to do with that preparedness. There’s always more we can all do to make sure we’re secure against viruses, but I think there have already been good preparations in place by the NHS to make sure they were ready for this sort of attack.” | |
| Updated | |
| at 5.09pm BST | |
| 4.38pm BST | |
| 16:38 | |
| Amber Rudd admitted “there’s always more” that could be done to protect against viruses. | |
| A fifth of trusts were hit by the ransomware on Friday afternoon, forcing hospitals to cancel and delay treatment. | |
| Rudd said: “Of the 48 that have been impacted, most of them are back to normal course of business, so only six of them have some limits on their business.” | |
| Updated | |
| at 4.40pm BST | |
| 4.30pm BST | 4.30pm BST |
| 16:30 | 16:30 |
| Amber Rudd has been speaking to Sky News political correspondent Beth Rigby: | |
| I did ask the Home Sec when No 10 was going to take the Health Sec out of the cupboard (she said something about a cross-govt approach) #NHS | I did ask the Home Sec when No 10 was going to take the Health Sec out of the cupboard (she said something about a cross-govt approach) #NHS |
| Updated | |
| at 4.40pm BST | |
| 4.19pm BST | 4.19pm BST |
| 16:19 | 16:19 |
| 48 NHS trusts hit | 48 NHS trusts hit |
| Home Secretary Amber Rudd says Friday’s cyber attack affected 48 of the 248 NHS trusts in England, with all but six now back to normal. | Home Secretary Amber Rudd says Friday’s cyber attack affected 48 of the 248 NHS trusts in England, with all but six now back to normal. |
| All A&E departments are operating as normal, she said after chairing a meeting of Cobra, the government’s emergency response committee, on Saturday afternoon. | All A&E departments are operating as normal, she said after chairing a meeting of Cobra, the government’s emergency response committee, on Saturday afternoon. |
| Updated | Updated |
| at 4.26pm BST | at 4.26pm BST |
| 4.09pm BST | 4.09pm BST |
| 16:09 | 16:09 |
| The Liberal Democrats have called for an inquiry into why the Conservatives cut cyber-security support for the NHS by ending a deal with Microsoft. | The Liberal Democrats have called for an inquiry into why the Conservatives cut cyber-security support for the NHS by ending a deal with Microsoft. |
| The party’s shadow home secretary, Brian Paddick, said: “We need to get to the bottom of why the government thought cyber-attacks were not a risk, when a combination of warnings and plain common sense should have told ministers that there is a growing and dangerous threat to our cyber-security. | The party’s shadow home secretary, Brian Paddick, said: “We need to get to the bottom of why the government thought cyber-attacks were not a risk, when a combination of warnings and plain common sense should have told ministers that there is a growing and dangerous threat to our cyber-security. |
| “It is worrying that in Amber Rudd we have a home secretary in the digital age more suited to the era of analogue. This is not the first time she has looked lost in cyber-space. The government likes to look tough but this is an example of where it has left Britain defenceless. We demand to be told why.” | “It is worrying that in Amber Rudd we have a home secretary in the digital age more suited to the era of analogue. This is not the first time she has looked lost in cyber-space. The government likes to look tough but this is an example of where it has left Britain defenceless. We demand to be told why.” |
| 3.59pm BST | 3.59pm BST |
| 15:59 | 15:59 |
| Nadia Khomami | Nadia Khomami |
| The “accidental hero” who halted the global spread of an unprecedented ransomware attack by registering a garbled domain name hidden in the malware has warned the attack could be rebooted. | The “accidental hero” who halted the global spread of an unprecedented ransomware attack by registering a garbled domain name hidden in the malware has warned the attack could be rebooted. |
| The ransomware used in Friday’s attack wreaked havoc on organisations including FedEx and Telefonica, as well as the UK’s National Health Service(NHS), where operations were cancelled, X-rays, test results and patient records became unavailable and phones did not work. | The ransomware used in Friday’s attack wreaked havoc on organisations including FedEx and Telefonica, as well as the UK’s National Health Service(NHS), where operations were cancelled, X-rays, test results and patient records became unavailable and phones did not work. |
| But the spread of the attack was brought to a sudden halt when one UK cybersecurity researcher tweeting as @malwaretechblog, with the help of Darien Huss from security firm Proofpoint, found and inadvertently activated a “kill switch” in the malicious software. | But the spread of the attack was brought to a sudden halt when one UK cybersecurity researcher tweeting as @malwaretechblog, with the help of Darien Huss from security firm Proofpoint, found and inadvertently activated a “kill switch” in the malicious software. |
| The researcher, who identified himself only as MalwareTech, is a 22-year old from south-west England who lives with his parents and works for Kryptos logic, an LA-based threat intelligence company. | The researcher, who identified himself only as MalwareTech, is a 22-year old from south-west England who lives with his parents and works for Kryptos logic, an LA-based threat intelligence company. |
| 3.36pm BST | 3.36pm BST |
| 15:36 | 15:36 |
| Sky News political correspondent Beth Rigby tweets that the Cobra meeting, scheduled to start at 230pm, has now concluded. | Sky News political correspondent Beth Rigby tweets that the Cobra meeting, scheduled to start at 230pm, has now concluded. |
| #COBR #NHSattack meeting over. Attendees included Hunt, Rudd, Treasury minister David Gauke, cab minister Ben Gummer & Lynne Owens of NCA | #COBR #NHSattack meeting over. Attendees included Hunt, Rudd, Treasury minister David Gauke, cab minister Ben Gummer & Lynne Owens of NCA |
| 3.35pm BST | 3.35pm BST |
| 15:35 | 15:35 |
| Many have been asking where health secretary Jeremy Hunt has been amid the computer chaos in the NHS. | Many have been asking where health secretary Jeremy Hunt has been amid the computer chaos in the NHS. |
| He has finally emerged and was spotted earlier this afternoon arriving for the Cobra meeting in Whitehall, as Jon Vale of Press Association tweets. | He has finally emerged and was spotted earlier this afternoon arriving for the Cobra meeting in Whitehall, as Jon Vale of Press Association tweets. |
| Jeremy Hunt arrives at Whitehall for today's COBRA meeting after y'day's cyber attacks against the NHS pic.twitter.com/Mze3aviZZS | Jeremy Hunt arrives at Whitehall for today's COBRA meeting after y'day's cyber attacks against the NHS pic.twitter.com/Mze3aviZZS |
| 3.14pm BST | 3.14pm BST |
| 15:14 | 15:14 |
| Charles Arthur | Charles Arthur |
| Technology commentator Charles Arthur says the Tories are responsible for the sorry state of IT in the NHS: | Technology commentator Charles Arthur says the Tories are responsible for the sorry state of IT in the NHS: |
| Public services aren’t disproportionately targeted by hackers; if anything, they tend to offer less interesting pickings to profit-seeking hackers than smaller commercial outfits. But they constitute low-hanging fruit for ransomware in particular. | Public services aren’t disproportionately targeted by hackers; if anything, they tend to offer less interesting pickings to profit-seeking hackers than smaller commercial outfits. But they constitute low-hanging fruit for ransomware in particular. |
| Amber Rudd can burble as much as she wants, but the £1bn put into the National Cyber Security Centre is a fraction of the amount needed to upgrade the NHS’s IT systems. The next government should acknowledge that fact.” | Amber Rudd can burble as much as she wants, but the £1bn put into the National Cyber Security Centre is a fraction of the amount needed to upgrade the NHS’s IT systems. The next government should acknowledge that fact.” |
| 3.05pm BST | 3.05pm BST |
| 15:05 | 15:05 |
| A Welsh government spokesperson said there had been no incidents in NHS Wales like those affecting NHS systems in England and Scotland. | A Welsh government spokesperson said there had been no incidents in NHS Wales like those affecting NHS systems in England and Scotland. |
| “We have recently invested in upgrading IT to protect potentially vulnerable frontline NHS Wales systems. We have also introduced a national standard for IT security for all GP surgeries in Wales. We continue to monitor the situation closely,” the spokesperson said. | “We have recently invested in upgrading IT to protect potentially vulnerable frontline NHS Wales systems. We have also introduced a national standard for IT security for all GP surgeries in Wales. We continue to monitor the situation closely,” the spokesperson said. |
| 2.54pm BST | 2.54pm BST |
| 14:54 | 14:54 |
| Nadia Khomami | Nadia Khomami |
| The global ransomware cyber-attack that targeted tens of thousands of computers in 100 countries and crippled NHS systems appears to have raised just $20,000 (£15,500) for the criminals behind it, experts working with investigators have told the Guardian. | The global ransomware cyber-attack that targeted tens of thousands of computers in 100 countries and crippled NHS systems appears to have raised just $20,000 (£15,500) for the criminals behind it, experts working with investigators have told the Guardian. |
| Tom Robinson, co-founder of Elliptic, a company that identifies illicit activity involving bitcoin and provides services to most major law enforcement agencies in the US and UK, said that at least three bitcoin addresses have been identified as being associated with the malware used in Friday’s worldwide attack. | Tom Robinson, co-founder of Elliptic, a company that identifies illicit activity involving bitcoin and provides services to most major law enforcement agencies in the US and UK, said that at least three bitcoin addresses have been identified as being associated with the malware used in Friday’s worldwide attack. |
| Read more here: | Read more here: |
| Updated | Updated |
| at 2.57pm BST | at 2.57pm BST |
| 2.24pm BST | 2.24pm BST |
| 14:24 | 14:24 |
| Rudd responds to Labour accusations | Rudd responds to Labour accusations |
| Labour wrote to the health secretary, Jeremy Hunt, earlier today to demand answers on the impact of the ransomware attack on the NHS. Home secretary Amber Rudd - not Hunt - has now replied to that letter. | Labour wrote to the health secretary, Jeremy Hunt, earlier today to demand answers on the impact of the ransomware attack on the NHS. Home secretary Amber Rudd - not Hunt - has now replied to that letter. |
| “The malicious actions of the cyber criminals behind this attack have caused considerable distress for those patients who have been affected,” she wrote. “There is no evidence that any patient data has been compromised and the NHS has done brilliantly to manage the disruption.” | “The malicious actions of the cyber criminals behind this attack have caused considerable distress for those patients who have been affected,” she wrote. “There is no evidence that any patient data has been compromised and the NHS has done brilliantly to manage the disruption.” |
| “But we must be careful not to characterise this as an attack on our NHS, and it is vital we do not jump to the wrong conclusions. As Europol have said, the scale of this attack is unprecedented and it is affecting a wide range of organisations in almost 100 countries around the globe. | “But we must be careful not to characterise this as an attack on our NHS, and it is vital we do not jump to the wrong conclusions. As Europol have said, the scale of this attack is unprecedented and it is affecting a wide range of organisations in almost 100 countries around the globe. |
| “Today we have learned that Nissan’s plant in Sunderland has been affected, while according to reports others affected around the world include major telecoms firms, utility providers, railways, universities and local authorities.” | “Today we have learned that Nissan’s plant in Sunderland has been affected, while according to reports others affected around the world include major telecoms firms, utility providers, railways, universities and local authorities.” |
| Responding to a suggestion by shadow health secretary Jonathan Ashworth that the government had failed to invest in NHS digital services, Rudd added: “We have doubled investment in cyber security to £1.9 billion and established the National Cyber Security Centre as part of GCHQ to act as a single point of contact for major incidents like this. | Responding to a suggestion by shadow health secretary Jonathan Ashworth that the government had failed to invest in NHS digital services, Rudd added: “We have doubled investment in cyber security to £1.9 billion and established the National Cyber Security Centre as part of GCHQ to act as a single point of contact for major incidents like this. |
| “The NCSC provides guidance to organisations on how to protect themselves from ransomware, and CareCERT was established in 2015 to provide national cyber support services for the health and care system. It is delivered by NHS Digital, working with the NCSC, and since 2015 more than £50 million have been made available to support CareCERT services.” | “The NCSC provides guidance to organisations on how to protect themselves from ransomware, and CareCERT was established in 2015 to provide national cyber support services for the health and care system. It is delivered by NHS Digital, working with the NCSC, and since 2015 more than £50 million have been made available to support CareCERT services.” |
| And in a final swipe against Labour, she said: “Should you have any concerns about the security of the Labour Party’s own systems, GCHQ stand ready to provide a briefing on how best to minimise the risk of a successful attack.” | And in a final swipe against Labour, she said: “Should you have any concerns about the security of the Labour Party’s own systems, GCHQ stand ready to provide a briefing on how best to minimise the risk of a successful attack.” |
| 2.03pm BST | 2.03pm BST |
| 14:03 | 14:03 |
| May says 'no evidence' patient records compromised | May says 'no evidence' patient records compromised |
| Theresa May said there is “no evidence that patient records have been compromised” and thanked NHS staff for working overnight. | Theresa May said there is “no evidence that patient records have been compromised” and thanked NHS staff for working overnight. |
| “This cyber attack that has taken place has affected organisations here in the UK but in many countries around the world as well. Europol has said that it is unprecedented in terms of the scale of the cyber attack that has taken place. The National Cyber Security Centre is working with all organisations here in the UK that have been affected and that’s very important,” the prime minister said. | “This cyber attack that has taken place has affected organisations here in the UK but in many countries around the world as well. Europol has said that it is unprecedented in terms of the scale of the cyber attack that has taken place. The National Cyber Security Centre is working with all organisations here in the UK that have been affected and that’s very important,” the prime minister said. |
| “I’d like to thank particularly the NHS staff who have been working through the night to ensure that, as we know, there has been no compromise of patient records.” | “I’d like to thank particularly the NHS staff who have been working through the night to ensure that, as we know, there has been no compromise of patient records.” |
| May also said it was “entirely right” for Amber Rudd to chair a Cobra meeting this afternoon. | May also said it was “entirely right” for Amber Rudd to chair a Cobra meeting this afternoon. |
| “The home secretary has responsibility for these issues but the government is ensuring through our National Cyber Security Centre that we are giving this our full attention and working with all the organisations concerned to resolve it.” | “The home secretary has responsibility for these issues but the government is ensuring through our National Cyber Security Centre that we are giving this our full attention and working with all the organisations concerned to resolve it.” |
| Updated | Updated |
| at 2.08pm BST | at 2.08pm BST |
| 1.46pm BST | 1.46pm BST |
| 13:46 | 13:46 |
| Kate Connolly | Kate Connolly |
| More from Germany, where the main victim of the cyber-attacks appears to be Deutsche Bahn, the national rail network, whose surveillance technology has been seriously affected. | More from Germany, where the main victim of the cyber-attacks appears to be Deutsche Bahn, the national rail network, whose surveillance technology has been seriously affected. |
| Germany’s federal crime police office the BKA has taken over the criminal investigation to find the culprits, according to interior minister Thomas de Maiziere. He said the attack has caused a “very serious threat” that authorities had repeatedly warned was likely. | Germany’s federal crime police office the BKA has taken over the criminal investigation to find the culprits, according to interior minister Thomas de Maiziere. He said the attack has caused a “very serious threat” that authorities had repeatedly warned was likely. |
| According to a DB spokesman, the attack led to the partial shutting down of digital display boards across the country, as well as the failure of ticket machines at railway stations. Video surveillance technology across the country was also affected, a spokesman for the interior ministry said. | According to a DB spokesman, the attack led to the partial shutting down of digital display boards across the country, as well as the failure of ticket machines at railway stations. Video surveillance technology across the country was also affected, a spokesman for the interior ministry said. |
| According to the interior ministry spokesman, government computer networks remained unaffected by the attack. DB appears to be the only organisation that has been attacked in Germany, but whether it has also been affected by the “WannaCry” trojans is unclear. | According to the interior ministry spokesman, government computer networks remained unaffected by the attack. DB appears to be the only organisation that has been attacked in Germany, but whether it has also been affected by the “WannaCry” trojans is unclear. |
| Across the country, travellers reported that digital arrival and departure information display boards had been disrupted. Instead of the normal information, the empty display boards flashed messages informing passengers: “please refer to timetables”. | Across the country, travellers reported that digital arrival and departure information display boards had been disrupted. Instead of the normal information, the empty display boards flashed messages informing passengers: “please refer to timetables”. |
| The bahn.de website and smartphone app appeared to have been unaffected, a spokesman for DB said. Ticket offices remained opened and rail traffic was apparently unaffected by the attack. | The bahn.de website and smartphone app appeared to have been unaffected, a spokesman for DB said. Ticket offices remained opened and rail traffic was apparently unaffected by the attack. |
| Updated | Updated |
| at 4.25pm BST | at 4.25pm BST |
| 1.20pm BST | 1.20pm BST |
| 13:20 | 13:20 |
| The UK-based cybersecurity researcher credited with helping to stop the spread of the ransomware attack has written an article - How to Accidentally Stop a Global Cyber Attack - explaining what happened on his MalwareTech blog. | The UK-based cybersecurity researcher credited with helping to stop the spread of the ransomware attack has written an article - How to Accidentally Stop a Global Cyber Attack - explaining what happened on his MalwareTech blog. |
| My blog post is done! Now you can read the full story of yesterday's events here:https://t.co/BLFORfM2ud | My blog post is done! Now you can read the full story of yesterday's events here:https://t.co/BLFORfM2ud |
| You might need a computer science degree to understand some of it though. | You might need a computer science degree to understand some of it though. |
| 1.05pm BST | 1.05pm BST |
| 13:05 | 13:05 |
| The digitalhealth.net site reports that some of the disruption to NHS services has been caused by trusts turning computer systems off as a precautionary measure, rather than them being infected by the ransomware. | The digitalhealth.net site reports that some of the disruption to NHS services has been caused by trusts turning computer systems off as a precautionary measure, rather than them being infected by the ransomware. |
| One leading NHS IT director told Digital Health News: “All of the reports on the BBC [about disruption] are directly related to people having shut down networks, nothing to do with the ransomware itself. | One leading NHS IT director told Digital Health News: “All of the reports on the BBC [about disruption] are directly related to people having shut down networks, nothing to do with the ransomware itself. |
| “I know people have been hit, but I fail to see how disconnecting clinical systems from networks helps anyone. If your clinical system can be attacked by ransomware, there is something seriously wrong with its deployment.” | “I know people have been hit, but I fail to see how disconnecting clinical systems from networks helps anyone. If your clinical system can be attacked by ransomware, there is something seriously wrong with its deployment.” |
| Updated | Updated |
| at 1.07pm BST | at 1.07pm BST |