An Indian-origin doctor based in London had warned against the cyber-hack of the UK’s state-run National Health Service (NHS) just days before it crippled the country’s network. Dr Krishna Chinthapalli, a neurology registrar at the National Hospital for Neurology and Neurosurgery in London, had warned that an increasing number of hospitals could be shut down by ransomware attacks in an article on the vulnerability of the NHS network in the ‘British Medical Journal’ on Wednesday, two days before the major cyber-hack. He had highlighted an incident at Papworth Hospital near Cambridge where a nurse clicked on a malicious link and malware infected her computer and started to encrypt sensitive files.
“Fortunately, the hospital’s daily data backup had just been completed. The IT director admitted that they were very lucky, saying, ‘Timing absolutely was everything for us’. We should be prepared: more hospitals will almost certainly be shut down by ransomware this year,” Chinthapalli wrote. The revelation came as experts said they are working round-the-clock to restore the IT systems of NHS after they were hit by a large-scale cyber-hack by an international criminal gang that wreaked havoc around the world including India.
Patients of the state-funded country-wide service are facing days of chaos as appointments and surgeries were cancelled after nearly 45 NHS organisations from London to Scotland were hit in the “ransomware” attack on Friday. Ciaran Martin, who leads the UK’s National Cyber Security Centre, said his team was doing everything in their power to get “vital services” back up and running. “We are very aware that attacks on critical services such as the NHS have a massive impact on individuals and their families, and we are doing everything in our power to help them restore these vital services,” he said.
“It’s important to understand that cyber attacks can be different from other forms of crime in that their sometimes highly technical and anonymous nature means it can take some time to understand how it worked, who was behind it and what the impact is,” he told the BBC. Critically ill patients are being diverted to unaffected hospitals as computer systems failed in Accidents & Emergency (A&E) units and doctors were locked out of test results, X- rays and patient records.
NHS England said patients needing emergency treatment should go to Accidents & Emergency (A&E) or access emergency services as they normally would. However, there have been some reports of ambulances being diverted from affected hospitals and individual NHS trusts have asked registered patients not to attend unless it is urgent. London’s Barts Health NHS Trust, the largest trust in the UK, cancelled all outpatient appointments at its five hospitals today. The NHS has not been affected in Wales and Northern Ireland.
The assault is part of an attack that has affected organisations in about 100 countries, including the United States, India, China, Russia and Spain, disrupting power and telephone companies.