NEWS
13/05/2017 14:37 BST

Experts Bid To Tackle Cyber Attack After NHS Services Crippled

Experts are working to disrupt an unprecedented international cyber attack which has crippled NHS services and hit car manufacturer Nissan.

A Cobra meeting is being held on Saturday afternoon after 45 NHS organisations were caught up in the global attack which is thought to have affected 99 countries, including the US and Russia.

A Nissan UK spokesman confirmed it was first affected by the attack on Friday night but there had been "no major impact".

The ongoing situation is getting the "full attention" of the Government's National Cyber Security Centre (NCSC), Theresa May said, amid suggestions outdated software left some health service systems vulnerable.

Speaking in Northern Ireland, the Prime Minister said: "This cyber attack that has taken place has affected organisations here in the UK but in many countries around the world as well.

"Europol has said that it is unprecedented in terms of the scale of the cyber attack that has taken place. The National Cyber Security Centre is working with all organisations here in the UK that have been affected and that's very important.

"I'd like to thank particularly the NHS staff who have been working through the night to ensure that, as we know, there has been no compromise of patient records.

"The Home Secretary will be chairing Cobra this afternoon. I think that is entirely right. The Home Secretary has responsibility for these issues but the Government is ensuring through our National Cyber Security Centre that we are giving this our full attention and working with all the organisations concerned to resolve it."

She said there is no evidence that patient records have been compromised.

A Nissan spokesman said: "Like many organisations around the world, some Nissan entities were recently targeted by a ransomware attack. Our teams are responding accordingly and there has been no major impact on our business. We are continuing to monitor the situation."

It is understood systems across offices and the factory floor have been hit.

Home Secretary Amber Rudd said lessons may need to be learned in the wake of the breach, which has affected NHS services across England and Scotland, forcing hospitals to cancel and delay treatment.

It is feared computers in A&E wards, GP surgeries and other vital services were infected with a virus based on hacking tools developed by US cyber warfare agents.

They were infiltrated by the malicious software, while many others shut down servers as a precautionary measure.

Ms Rudd said Health Secretary Jeremy Hunt had told health trusts to upgrade their software and most of them had.

Speaking ahead of the Cobra meeting, she told Sky News: "It is disappointing that they have been running Windows XP - I know that the Secretary of State for Health has instructed them not to and most have moved off it."

She added: "Where the patient data has been properly backed up, which has been in most cases, work can continue as normal because the patient data can be downloaded and people can continue with their work."

Shadow health secretary Jonathan Ashworth has written a letter to Mr Hunt, saying concerns were repeatedly flagged about the outdated computer systems.

Responding, Ms Rudd said: "This Government has long recognised the growing threat of cyber attack from those who wish to do us harm and has invested significantly to bolster our cyber defences."

Labour leader Jeremy Corbyn branded the attackers "a bunch of 21st Century highway robbers" and expressed anger that the Government did not renew a multimillion-pound security package.

He said: "It's unbelievably disgusting and I've got nothing but contempt for those people that have done it, and I'm sure all of you would share that.

"But I'm also very angry that in 2014, there was a one-year renewal of the protection system on the NHS systems which was not renewed after that and not renewed the year after that and so systems are now not upgraded and not protected. As a result, we've got this dreadful situation that NHS workers are facing today."

Doctors reported seeing computers go down "one by one" as the "ransomware" took hold on Friday, locking machines and demanding money to release the data.

The NCSC said teams were "working round the clock" in response to the attack.

Experts say the virus, called Wanna Decryptor, exploits a vulnerability in Microsoft Windows software first identified by American spies at the National Security Agency (NSA).

The tools were leaked on the web earlier this year when hackers dumped a cache of NSA files following a security breach.

Prior to the dump, Microsoft released a fix, or patch, for the issue, although computers that did not install the update, or could not due to the age of their software, would have been vulnerable to attack.

In December it was reported nearly all NHS trusts were using an obsolete version of Windows that Microsoft had stopped providing security updates for in April 2014.

Data acquired by software firm Citrix under Freedom of Information laws suggested 90% of trusts were using Windows XP, then a 15-year-old system, but a spokeswoman for NHS Digital said: "It is a much smaller number."

Just one day before Friday's attack a doctor warned that NHS hospitals needed to be prepared for an incident precisely of the kind seen.

In an article published in the British Medical Journal, Dr Krishna Chinthapalli, a neurology registrar at the National Hospital for Neurology and Neurosurgery in London, said hospitals "will almost certainly be shut down by ransomware this year".