[BreachExchange] Lincolnshire Hospitals Cancel Operations After Their IT Suffers Virus Infection

[Audrey McNeil]

http://www.techweekeurope.co.uk/security/lincolnshire-hospitals-cancel-operations-after-their-it-suffers-virus-infection-199869

A virus infected the network of the Northern Lincolnshire and Goole NHS
Foundations Trust (NLAG) forcing its hospitals to shutdown its computers
and cancel operations and appointments across Lincolnshire.

“Our main priority is patient safety. A major incident has been called and
all planned operations, outpatient appointments and diagnostic procedures
have been cancelled for today (Monday) and tomorrow (Tuesday). All patients
should presume their appointment/procedure has been cancelled unless they
are contacted. Those who turn up will be turned away,” the Trust said.

“We are reviewing the situation on an hourly basis. Our clinicians will
continue to see, treat and operate on those patients who would be at
significant clinical risk should their treatment be delayed.”

NHS cyber attack

The move to shut down most of its computer network has been taken so that
NLAG’s IT staff can isolate the virus and destroy it.

While the antenatal clinics and chemotherapy treatments, as well as
emergency departments will remain open, the rest of the hospitals’
operations have been halted with patients advised to only come to it if
they absolutely must. Other patients such as women in labour are being
diverted to nearby hospitals.

The cyber attack also affected the United Lincolnshire Hospitals Trust
which shares some of the clinical IT system is used with NLAG. As such, the
virus has had a rather wide affect and significant impact.

Both Trusts appear to have contingency plans to look after their most
critical patients, but the virus shows how such cyber threats can wreak
havoc in large organisations.

While it is unclear as to whether the virus was a directed cyber attack
against the hospitals or a piece of rogue code that had found its way onto
the hospitals’ network due to poor security practices or perhaps the wrong
link being clicked on by a user of a medical computer.

It is also worth noting that budget constraints and the scale of hospital
operations often means than many of the IT networks NHS Trusts have are
based on outdated systems, which leaves them more vulnerable to cyber
threat, malicious or otherwise.

In the US cyber attacks against hospitals are a major problem, with many
being forced to part with thousands of dollars after their networks become
injected with ransomware.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riskbasedsecurity.com/pipermail/breachexchange/attachments/20161102/afa88656/attachment.html>