Reporting continues on investigation into a cyber attack at Barts Health Trust, which runs five hospitals in east London.
Initially some reports suggested the Barts had been hit by a ransomware attack, which would have meant malware had encrypted files and the attackers were demanding a ransom to unencrypt. According to some reports the number of ransomware attacks around the world increased rapidly in 2016, affecting a wide range of organisations, including several hospitals.
An update from Barts Health today confirms that on Friday 13 January 2017 Barts Health discovered and took immediate steps to contain a virus in the Trust’s computers.
The key point for the public is that apparently no patient data was affected, there was no unauthorised access to medical records. The virus has been quarantined, and all major clinical systems are now up and running, which should hopefully mean services are getting back to normal.
The incident was caused by Trojan malware rather than ransomware. According Barts the particular virus has never been seen before. This might have meant that their anti-virus protection might not have been able to pick it up. However, apparently measures to contain the virus were successful and their anti-virus protection has now been updated to prevent any recurrence. So it seems their ICT staff successfully contained it and have managed to bring systems back online within four days.
It is hard to judge what really happened from press releases and media coverage, but a lot of big name media outlets reported on it. These include:
- BBC – Barts Health Trust launches cyber attack probe
- The Guardian – London NHS hospital trust hit by cyber-attack
- ComputerWeekly.com – England’s largest NHS trust investigates cyber attack
- Telegraph – Largest NHS trust hit by cyber attack
- ITV News – NHS hospital trust hit by cyber-attack
A lot of the coverage would have caused concerns for the 2.5 million people in east London that rely on Barts Health, which is England’s largest NHS Trust. It is natural for media organisations to be interested in a cyber security incident, but will there be equal or more coverage on could be argued to be a success for their ICT staff in containing it?
Sadly without this follow up it seems likely that the incident will still damage to the reputation of the Trust.