Ransomware cyberattack cripples hospitals across England
British Prime Minister Theresa May said there is no evidence that patient data has been compromised
LONDON — A large cyberattack crippled computer systems at hospitals across Britain on Friday, with appointments canceled, phone lines down and patients turned away.
Britain's National Health Service said hospitals were hit by an apparent "ransomware" attack, but there was no immediate evidence that patient data had been accessed.
NHS Digital, which oversees hospital cybersecurity, says the attack used the Wanna Decryptor variant of malware, which infects and locks computers while the attackers demand a ransom.
Pictures posted on social media showed screens of NHS computers with images demanding payment of $300 worth of the online currency Bitcoin, saying: "Ooops, your files have been encrypted!"
NHS Digital said the attack "was not specifically targeted at the NHS and is affecting organizations from across a range of sectors." It said 16 NHS organizations had reported being hit.
Spain, meanwhile, activated a special protocol to protect critical infrastructure in response to the "massive infection" of personal and corporate computers in ransomware attacks.
The Spanish government said several companies had been targeted in ransomware cyberattack that affected the Windows operating system of employees' computers. It said the attacks were carried out with a version of WannaCry ransomware that encrypted files and prompted a demand for money transfers to free up the system.
Spain's Telefonica was among the companies hit.
Spain's National Center for the Protection of Critical Infrastructure said it was communicating with more than 100 providers of energy, transportation, telecommunications and financial services about the attack even if basic services had not suffered any disruption.
In the U.K., hospitals in London, northwest England and other parts of the country reported problems and asked patients not to come to the hospitals unless it was an emergency. Most of the affected hospitals were in England, but several facilities in Scotland also reported being hit.
NHS Merseyside, which operates several hospitals in northwest England, tweeted that "following a suspected national cyberattack, we are taking all precautionary measures possible to protect our local NHS systems and services."
East and North Hertfordshire NHS Trust, which runs hospitals in an area north of London, said "the trust has experienced a major IT problem, believed to be caused by a cyberattack."
It said its hospitals had shut down all computer systems as a protective measure and canceled all non-urgent activity.
Bart's Health, which runs several London hospitals, said it had activated its major incident plan, cancelling routine appointments and diverting ambulances to neighboring hospitals.
The National Cyber Security Centre, part of the GCHQ electronic intelligence agency, said it was working with police and the health system to investigate the attack.
British government officials and intelligence chiefs have repeatedly highlighted the threat to critical infrastructure and the economy from cyberattacks. The National Cyber Security Centre said it had detected 188 "high-level" attacks in just three months.
Britain's National Health Service is a source of pride for many Britons but faces substantial budget issues and has had previous problems with its huge IT system.
Ransomware attacks are on the rise around the world. In February 2016, the Hollywood Presbyterian Medical Center in California said it had paid a $17,000 ransom to regain control of its computers from hackers.
Krishna Chinthapalli, a registrar at the National Hospital for Neurology and Neurosurgery in London, warned that British hospitals' old operating systems and store of confidential patient information made them an ideal target for blackmailers.
Writing in the British Medical Journal, he said: "We should be prepared: more hospitals will almost certainly be shut down by ransomware this year."