UK’s largest hospital chain hit by previously unseen malware

A never seen before malware has attacked UK’s largest hospital chain, Barts Health NHS Trust which forced the facility to shut down a segment of its systems for a few days as a precautionary measure.

Barts Health NHS Trust, a conglomerate of five hospitals in London employing a staff of 15,000 and providing care to millions of patients a year was hit in January by the malware attack, which managed to circumvent the facility’s anti-virus software resulting in a number of computer systems being shut down.

Although administrators at Barts Health said patient data was not accessed, the facility’s pathology system was offline before eventually being restored a few days later.

Despite being up-to-date, the hospital’s antivirus software didn’t recognize a new threat as malicious. The vendor has since issued a patch.

While previous reports said it was unclear how the trojan had gotten into the hospital’s network, an update from March 1 board minutes revealed that four of the hospital group’s five facilities were affected.

Speaking in the meeting, deputy chief executive Dr Tim Peachey, who holds board-level responsibility for ICT, confirmed that the cyberattack didn’t involve ransomware, but said the incident involved “a new virus not seen previously”.

It’s anyway difficult for any organisation to tackle and improve operational efficiency while under threat or fear of attack.

NHS is facing unprecedented challenges, from hard to hit targets and financial deficits to rising patient numbers, increased waiting times and reduced bed availability.

The investigation into the cyberattack is still ongoing.

Healthcare is facing the most cyberattacks since records began in April 2015, with the sector accounting for the largest number of data security incidents, according to recent Information Commissioner’s Office (ICO) figures. The healthcare is on continuous target on the digital health front too.

The healthcare sector accounted for the highest number of data security incidents for the quarter, with 239 cases reported in Q3 2016. Cyber incidents accounted for 74 of these reports.

Leave a Reply