Webwatch: Hospitals warned to expect rise in hackers holding computer systems to ransom

NHS hospitals need to be prepared for hackers attempting to hold their computer systems to ransom, a doctor has argued in a leading medical journal.

He warned it was likely that an increasing number of hospitals would be shut down by ransomware attacks, where hackers gain access to a computer system and will only release control in return for payment.

The article, published in The BMJ, cited estimates that almost a third of NHS trusts had been infected by ransomware.

Dr Krishna Chinthapalli, a neurology registrar at the National Hospital for Neurology and Neurosurgery in London, wrote: “We should be prepared: more hospitals will almost certainly be shut down by ransomware this year.”

He argued that hospitals were “ideal targets” for ransomware companies as they had irreplaceable data and may be “more willing” than other organisations to pay for quick recovery of their data.

Data held by hospitals, including patients’ birth dates and addresses, could be sold on, he added.

The article stated that nine in 10 NHS trusts ran an “obsolete” version of Windows.

“Barts Health NHS Trust’s computers, attacked by ransomware in January, ran Windows XP,” he wrote.

“Released in 2001, it is now obsolete, yet 90% of NHS trusts run this version of Windows.”

Dr Chinthapalli also described a ransomware attack at the Hollywood Presbyterian Medical Center in Los Angeles in February 2016.

CT scans couldn’t be performed, electronic records could not be accessed and emails shut down, he wrote.

It was rumoured that the hospital was being held to ransom for 3.4 million US dollars, and after 10 days it paid a smaller sum of 17,000 US dollars to regain access, he wrote.

He cautioned that hospitals should employ “digital hygiene” by keeping hardware and software as secure as possible.

Staff should be less “click happy” when reading emails, he added.

Dr Chinthapalli highlighted an incident at Papworth Hospital near Cambridge where a nurse clicked on a malicious link, after which malware infected her computer and started to encrypt sensitive files.

He added: “When attacks do occur, the IT department must be informed quickly.

“Much like containment of an infectious disease outbreak, a rapid response can isolate infected computers.”

Copyright (c) Press Association Ltd. 2017, All Rights Reserved.