Categories: Security

Ransomware Disrupts NHS Scotland Appointments & GP Surgeries

The NHS has confirmed ransomware was the cause of disruption to a Scottish health board on Friday that led to operations and doctors’ appointments being cancelled.

NHS Lanarkshire, which is Scotland’s third-largest health board and serves more than 650,000 people, said its network had been infected by a new variant of the Bitpaymer malware.

Appointments cancelled

The board said staff worked over the weekend to bring systems back online. The incident is being investigated.

Ransomware encrypts data on the systems of those attacked and demands a payment to unlock the files.


The attack began around 11 a.m. on Friday with operations cancelled and the work of GPs disrupted. But the board said operations had continued under contingency plans and emergency procedures weren’t affected.

“A small number of systems were affected with the majority restored over the weekend and the remainder on Monday,” said NHS Lanarkshire chief executive Calum Campbell in a statement. “Unfortunately a small number of procedures and appointments were cancelled as a result of the incident.”

The board added that its security softare was up-to-date and that the malware apparently slipped through because it hadn’t yet been identified by security firms.

New variant

“Following analysis of the malware our security providers issued an updated signature so that this variant can now be detected and blocked,” the board stated.

The Petya ransomware.

A patient who attended a GP appointment in Hamilton, south-east of Glasgow, told The Scotsman: “Receptionists were asking people to only stay and wait to see a doctor if it was an emergency. They were unable to access anyone’s notes or test results.”

NHS Lanarkshire was one of the Scotish authorities worst-hit in May’s Wannacry ransomware epidemic. Eleven of Scotland’s 14 territorial health boards were affected in that attack, but the NHS said last week’s infiltration wasn’t on the same scale.

Most ransomware spreads through malicious attachments that trick users into opening them. Wannacry was different, using an exploit thought to have been developed by the NSA, the US spy agency, which affects a vulnerable Windows component and doesn’t require any user action.

Do you know all about security in 2017? Try our quiz!

Matthew Broersma

Matt Broersma is a long standing tech freelance, who has worked for Ziff-Davis, ZDnet and other leading publications

View Comments

  • This will continue until there is a solid cybersecurity architecture in place, agreed by and developed by a world consortium. Current efforts, noble as they are, are like continually patching rust spots on a rust-bucket car. Getting more cyber experts is the same as getting more bodywork people; it won't solve the basic problem that this particular car IS and ALWAYS be a rust-bucket and a new body, galvanised is needed. Much of the current software was designed around an open internet and that openness is its downfall. Watch this space and read similar reports in 12 months time.

Recent Posts

Ericsson To Cut 1,200 Jobs in Sweden Amid ‘Challenging’ Market

Swedish telecoms giant Ericsson blamed “challenging mobile networks market” and “further volume contraction” for job…

11 hours ago

FTX’s Sam Bankman-Fried Sentenced To 25 Years In Prison For $8bn Fraud

Dramatic downfall. Sam Bankman-Fried sentenced to 25 years in prison for masterminding $8bn fraud that…

12 hours ago

Elon Musk Orders FSD Demo For Every Tesla US Sale

Fallout avoidance? Tesla buyers in the US must be shown how to use the FSD…

13 hours ago

Amazon Pumps Another $2.75 Billion Into Anthropic

Amazon completes its $4bn investment into AI firm Anthropic, after providing an additional $2.75bn in…

14 hours ago

The Sustainability of AI

While AI promises unparalleled efficiency, productivity, and innovation, questions regarding its environmental impact loom large.…

17 hours ago

Trump’s Truth Social Makes Successful Market Debut

Shares in Donald Trump’s social media company rose about 16 percent after first day of…

17 hours ago