It has come to light that ransomware was used in a cyberattack that seriously impacted the 111 services and a key NHS IT provider and might take up to four weeks to fix.
The hack had far-reaching consequences, impacting the system used to dispatch ambulances, schedule after-hours visits, and distribute emergency medicines.
Advanced, a provider of essential systems to the NHS, reported a cyber compromise at 7:00 a.m. on August 4, which has since been contained.
The hack had far-reaching consequences, impacting the system used to dispatch ambulances, schedule after-hours visits, and distribute emergency medicines.
According to a letter from NHS England to London GPs published by the industry publication Pulse, call handlers for the NHS 111 service were forced to “work on paper” and response times were “affected negatively” by the cyber assault.
The Welsh Ambulance Service reported a “significant outage” of the system used to refer patients from 111 to out-of-hours GP providers, stating that the problem impacted all four UK nations.
The public was encouraged to utilize 111 online or by phone but was advised that calls may be answered more slowly.
It comes five years after the WannaCry hack drastically interrupted services, resulting in the cancellation of thousands of appointments and leaving the NHS with a bill of around £100 million.
This attack was attributed to North Korea, however, it remains unknown who is responsible for the most recent hack on NHS systems.
A spokeswoman for Advanced stated, “We want to emphasize that there is no evidence to imply that our clients are at risk of virus proliferation, and we think that early involvement by our Incident Response Team restricted this issue to a small number of servers.”
The company reports that it is collaborating with the NHS and National Cyber Security Centre to validate the procedures it has taken before the NHS resuming online operations.
Advanced stated it is working “relentlessly” to remedy issues, but confirmed it could take an additional three to four weeks to restore full functionality to some systems.
“As you might expect, we are in the first phases of our investigation into this event and are collaborating with our third-party forensic partners to obtain more information.
“Although we have not yet determined the underlying cause – and this may take some time – rest assured that we will keep you informed as we learn more.”