Hawick hospital and surgery among NHS sites hit by cyber attack

Two of the three NHS Borders community operations hit by this weekend's worldwide cyber attack are in Hawick, it has been revealed.

Sunday, 14th May 2017, 11:25 am
Updated Monday, 15th May 2017, 5:04 pm
Hawick Community Hospital.

They are the Teviot Medical Practice, in Teviot Road, and Hawick Community Hospital, in Victoria Road.

The other Borders site targeted is the learning disability service office at Earlston.

All the trust’s other sites – including the Borders General Hospital at Melrose and its three other community hospitals, at Peebles, Kelso and Duns – are unaffected and continuing to operate as usual, it says.

A spokesperson for the trust said: “These are isolated incidents, and all other services continue to run as normal.

“Our IT team have been actively monitoring systems and assessing any impact on the services provided from the three affected locations.

“We have a recovery plan in place which we are currently working to, and we continue to actively monitor the situation.

“Any NHS Borders staff members who are laptop users at these sites are asked to contact the information management and technology service desk when they return to work.

“Tomorrow, May 15, all services operating out of Hawick Health Centre, including Teviot Medical Practice and other clinics, will be affected, and patients are asked to phone the health centre before attending their appointments.

“Daily updates will be provided, so please only phone in the morning about appointments tomorrow.”

Almost 50 UK health trusts are believed to have been targeted by hackers scrambling data and demanding a ransom in the digital currency Bitcoin in return for making it accessible again and threatening to delete it if they don’t get paid.

All but three of Scotland’s 14 geographical health boards, as well as the Scottish Ambulance Service, are affected.

Acute hospital sites in Lanarkshire, as well as GP surgeries, dental practices and other primary-care centres around the country are among those hit.

Besides NHS Borders, he health boards issued with ransomware demands are those serving Dumfries and Galloway, Fife, Forth Valley, Lanarkshire, Greater Glasgow and Clyde, Tayside, the Western Isles, the Highlands, Grampian, and Ayrshire and Arran.

The aftermath of the cyber attack on 48 NHS organisations is likely to last for a number of days, say experts.

Hospitals across England and Scotland were crippled by the global attack on Friday after a ransomware virus infiltrated dozens of NHS organisations.

Six organisations were said to still not be back to normal yesterday, but it was not revealed which six.

NHS Digital says engineers are working around the clock to fix the problem and that “the situation is changing and impacting organisations in a range of different ways”.

“We are aware some bodies, which range from practices to trusts, may have suspended selected systems purely as a precautionary measure,” a spokesman said.

“We are aware of widespread speculation about the use of Microsoft Windows XP by NHS organisations, who commission IT systems locally depending on population need.

“While the vast majority are running contemporary systems, we can confirm that the number of devices within the NHS that reportedly use XP has fallen to 4.7%, with this figure continuing to decrease.

“This may be because some expensive hardware, such as magnetic resonance imaging scanners, cannot be updated immediately, and in such instances, organisations will take steps to mitigate any risk, such as by isolating the device from the main network.”

Mark Porter, chairman of the British Medical Association’s council, said: “This cyber attack on NHS information systems is extremely worrying for patients and the doctors treating them.

“There have been reports of hospital doctors and GPs unable to access patients’ medical records, appointment booking systems and, in some cases, having to resort to pen and paper.

“NHS staff are working extremely hard to provide the best possible patient care, and we hope NHS Digital are able to resolve these problems as soon as possible.

“We need to quickly establish what went wrong to prevent this happening again, and questions must also asked about whether inadequate investment in NHS information systems has left it vulnerable to such an attack.”

Ciaran Martin, chief executive of the National Cyber Security Centre, added: “The picture is emerging that this is affecting multiple countries and sectors and is not solely targeted at the NHS.

“We are very aware that attacks on critical services such as the NHS have a massive impact on individuals and their families, and we are doing everything in our power to help them restore these vital services.

“It is important that organisations reduce the risks of these attacks happening to them.”

National Crime Agency investigators are now trying to identify the culprits.

Oliver Gower, deputy director of the its cyber crime unit, said: “This was a large-scale attack, but we are working closely with law enforcement partners and industry experts in the UK and overseas to support victims and identify the perpetrators.

“Cyber criminals may believe they are anonymous, but we will use all the tools at our disposal to bring them to justice.

“Victims of cyber crime should report directly to ActionFraud.

“We encourage the public not to pay the ransom demand.”