Hospitals across England have reportedly been hit by a large-scale cyberattack. Some are having to divert emergency patients, with doctors reporting messages demanding money.
The Guardian says National Health Service (NHS) hospitals across the country appear to have been simultaneously hit by a bug in their IT systems. Doctors have been posting on Twitter about what has been happening.
In Spain, Telefonica — one of the country’s biggest telecommunications companies — has fallen victim, and its IT staff is desperately telling employees to shut down computers and VPN connections in order to limit the ransomware’s reach.
A screengrab of an instant message conversation circulated by one doctor says: “So our hospital is down … We got a message saying your computers are now under their control and pay a certain amount of money. And now everything is gone.”
A second doctor tweeted: “Massive NHS hack cyber attack today. Hospital in shut down. Thanks for delaying emergency patient care & endangering lives. Assholes.”
East and North Hertfordshire NHS Trust, one of those affected, said in a statement: “Today, the trust has experienced a major IT problem, believed to be caused by a cyber attack.
According to reports, affected hospitals include those run by East and North Hertfordshire NHS trust, Barts Health in London, Essex Partnership university NHS trusts, the university hospitals of Morecambe Bay NHS foundation trust, Southport and Ormskirk hospital NHS trust and Blackpool teaching hospital NHS foundation trust.
Services affected are thought to include picture archiving communication systems for x-ray images, pathology test results, phone and bleep systems and patient administration systems, the Telegraph reports.
“At approximately 12:30pm we experienced a problem with our email servers crashing. Following this a lot of our clinical systems and patient systems were reported to have gone down,” an NHS IT worker said in a message to a Guardian reporter.
“A bitcoin pop-up message had been introduced onto the network asking users to pay $300 to be able to access their PCs. You cannot get past this screen.
“This followed with an internal major incident being declared and advised all staff to shut down all PCs in the trust and await further instructions.”
There are reports of messages on computers saying: “Oops. Your files have been encrypted,” and demands for bitcoin to be paid, according to Sky News.
The hack appears to be an example of ransomware, where malicious hackers break into computers and only allow their owners back in when they pay enough money.
The attackers are allegedly demanding $300-worth of the digital currency bitcoin, which equates to around £415,000, otherwise the files will be deleted. It gives a deadline of May 19 to pay.
A screenshot obtained by the Health Service Journal (HSJ) purported to show the pop-up that appeared on at least one of the computers affected.
It said: “Your important files are encrypted. Maybe you are busy looking for a way to recover your files, but do not waste your time.
“Nobody can recover your files without our decryption service.”
This week on Telegram, pro-ISIS hackers Caliphate Cyber Terrorism Army published pictures and said it will attack your computers at home. May be related to today’s attack in Spain and UK.