A National Health Service (NHS) board has detected malware on its systems just a few months after falling victim to WannaCry.
News of the attack first emerged on the morning of 25 August when the UK’s third-largest health board, which manages the health care of 652,230 people, posted a statement on its Facebook page:
“We have detected some incidences of malware.
“We took immediate action to prevent this spreading while we carried out further investigations.
“We are now putting in place a solution from our IT security provider.
“While the issue is being resolved our staff have been working hard to minimise the impact on patients and we apologise to anyone who has been affected”.
Less than an hour later, the board announced the unavailability of both its staff bank system and telephone system due to the “IT issues.”
It’s unclear what kind of malware infected the board’s network and when the infection occurred. But after a long night of recovery and response, NHS Lanarkshire’s IT staff successfully detected the source of the malware and began fixing all affected systems. Those efforts are still ongoing as of this writing.
In an update, chief executive Calum Campbell explained the attack did affect the board’s ability to deliver health care to patients:
“Unfortunately a small number of procedures and appointments have been cancelled as a result of the incident. I would like to apologise to anyone who has been affected by this disruption, however I can assure you that work is already underway to reappoint patients.
“The majority of services have been restored but it may take some time to get services running as normal. We would ask patients who are attending hospital or out-of-hours services over the weekend to bear with us as they may experience longer than waits than usual.”
This isn’t the first time in recent memory that a digital attack got between NHS Lanarkshire and its patients. Back in May, the health care board was one of the NHS organizations to fall victim to the global WannaCry malware outbreak. That attack prevented the board from accessing patient information as well as from honoring certain appointments.
Dermatology outpatient appointments at Hairmyres & Monklands 2day & 2morrow have been cancelled. Sorry for any inconvenience #CyberAttack
— NHS Lanarkshire (@NHSLanarkshire) May 13, 2017
Hopefully, this latest attack did not make use of the same unpatched Windows vulnerability that WannaCry used to infect NHS Lanarkshire and other health care organizations back in May.
If it did, it’s about time the organization patched its systems. If it didn’t, let’s hope the health board provides a more detailed explanation of what happened and describes what it’s doing to make sure a similar event doesn’t happen yet again in the next few months.
Found this article interesting? Follow Graham Cluley on Twitter to read more of the exclusive content we post.