Hospitals in Britain struggle to restore their computer systems in wake of cyberattack

Hospitals and health clinics across England and Scotland battled to bring their computer systems back online Saturday after being paralyzed by a global ransomware attack.

Thousands of operations at National Health Service facilities were canceled Friday, ambulances were diverted from affected hospitals and patients waiting for routine outpatient appointments and even chemotherapy treatment were told that their records could not be accessed and they would have to go home.

Some patients were just moments away from surgery when they were suddenly informed that nonemergency operations had to be postponed. Others waiting to go home were told they could not be discharged because of the hack.

“I was booked in to have a septal myectomy, a heart operation,” Patrick Ward told the BBC after being discharged from St. Bartholomew’s Hospital in London on Friday. “It is very serious. I’ve been waiting for it for many, many, many months now.”

He said that after he had been prepped for the surgery, his doctor told him the procedure would have to be delayed because hospital systems had been hacked. Ward said he was told that the medical staff were concerned they would be unable to give him the right blood should he need a blood transfusion because that process was linked to the hacked computer system.

The attack affected 48 National Health Service centers — or about 20% — in England and Scotland, British Home Secretary Amber Rudd said Saturday. By early evening, Rudd said all but six of them were back to normal, but the massive attack had brought vast swaths of the system to a standstill for at least 24 hours.

St. Bartholomew’s is part of the largest NHS trust in the country, which canceled all outpatient appointments at its centers Saturday in an effort to bring the ominous cyber infection under control. Doctors elsewhere in the country were also forced to send patients home. and some medical staff returned to using pen and paper until they were again able to access patient records, appointment schedules and emails electronically.

Medics across Britain first became aware something was wrong when a message popped up on their infected computers informing them that their documents, files and databases had been encrypted and could be released only if a $300 ransom per machine was paid in bitcoin.

Experts at the National Cyber Security Center have been working with the health service around the clock to contain the damage, get the health system up and running again, and recover lost files.

But Rudd said there was no evidence that patient data had been compromised.

“At the moment, we are clear that no patients’ data has been accessed or transferred in any way,” she said.

Despite the widespread disruption and confusion, emergency services were not affected, although the public was urged to “use the NHS wisely” and not make unnecessary visits. NHS England said anyone in need of lifesaving or emergency treatment should still head to the nearest emergency room.

Old computer systems and the complex digital network connecting NHS facilities are believed to have made the health service especially vulnerable to this kind of attack. Rudd acknowledged Saturday that many NHS trusts still use Windows XP operating systems that are “not a good platform for keeping your data as secure.”

She said Britain was a world leader in terms of cybersecurity, but that did not make its systems impenetrable.

“Cybersecurity is a huge industry and it is an area where we can all do better to protect our businesses and personal information, and I would expect NHS trusts to learn from this, and to make sure they do upgrade,” Rudd said.

The hack did not affect any facilities in Wales or Northern Ireland, but it was unclear why.

The government described the hack as an “international attack” and not targeted specifically at the health service. The government’s emergency council known as the Cobra committee was scheduled to meet Saturday to discuss the situation.

“Nobody underestimates the difficulty of dealing with cyberattacks,” Rudd said. “We have known for a number of years that this is one of the most dangerous threats to this country.”

Boyle is a special correspondent