NHS board suffers malware attack just months after falling victim to WannaCry

Restoration of affected services underway…

David bisson
David Bisson

NHS board suffers malware attack just months after falling victim to WannaCry

A National Health Service (NHS) board has detected malware on its systems just a few months after falling victim to WannaCry.

News of the attack first emerged on the morning of 25 August when the UK’s third-largest health board, which manages the health care of 652,230 people, posted a statement on its Facebook page:

“We have detected some incidences of malware.

“We took immediate action to prevent this spreading while we carried out further investigations.

“We are now putting in place a solution from our IT security provider.

“While the issue is being resolved our staff have been working hard to minimise the impact on patients and we apologise to anyone who has been affected”.

Less than an hour later, the board announced the unavailability of both its staff bank system and telephone system due to the “IT issues.”

It’s unclear what kind of malware infected the board’s network and when the infection occurred. But after a long night of recovery and response, NHS Lanarkshire’s IT staff successfully detected the source of the malware and began fixing all affected systems. Those efforts are still ongoing as of this writing.

Sign up to our free newsletter.
Security news, advice, and tips.

In an update, chief executive Calum Campbell explained the attack did affect the board’s ability to deliver health care to patients:

“Unfortunately a small number of procedures and appointments have been cancelled as a result of the incident. I would like to apologise to anyone who has been affected by this disruption, however I can assure you that work is already underway to reappoint patients.

“The majority of services have been restored but it may take some time to get services running as normal. We would ask patients who are attending hospital or out-of-hours services over the weekend to bear with us as they may experience longer than waits than usual.”

This isn’t the first time in recent memory that a digital attack got between NHS Lanarkshire and its patients. Back in May, the health care board was one of the NHS organizations to fall victim to the global WannaCry malware outbreak. That attack prevented the board from accessing patient information as well as from honoring certain appointments.

Hopefully, this latest attack did not make use of the same unpatched Windows vulnerability that WannaCry used to infect NHS Lanarkshire and other health care organizations back in May.

If it did, it’s about time the organization patched its systems. If it didn’t, let’s hope the health board provides a more detailed explanation of what happened and describes what it’s doing to make sure a similar event doesn’t happen yet again in the next few months.

David Bisson is an infosec news junkie and security journalist. He works as Contributing Editor for Graham Cluley Security News and Associate Editor for Tripwire's "The State of Security" blog.

2 comments on “NHS board suffers malware attack just months after falling victim to WannaCry”

  1. Andrew Cole

    "third-largest health card board" run by cardboard cutouts I presume?

  2. Bob King

    Stop using Microsoft Windows. The only time using Windows worked out positively is when the Iranians were stupid enough to use it at their nuclear facilities,

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.