This site is intended for health professionals only

At the heart of general practice since 1960

pulse june2020 80x101px
Read the latest issue online

GPs go forth

GP practices 'closed down' by NHS computer system hack attack

GP practices across England have been affected by what appears to be a major cyber attack on the NHS computer system.

Pulse understands that some GP practices have had to shut down, while hospital staff found themselves unable to work.

Dr George Farrelly, a GP in East London, said his practice did not have access to patient records and could not prescribe medicines.

Dr Farrelly, who works at the Tredegar practice in Tower Hamlets, said his practice had ‘heard something might happen’ earlier in the day so had printed the appointment list.

He said: ‘I am going to see my patients but of course we cannot access any records and can’t prescribe.’

Meanwhile Dr Neil Paul, a GP in Cheshire, sent Pulse a computer screenshot of the error message caused by the attack, which is requesting $300 worth of Bitcoin, the online currency.

He told Pulse that in his area around 'half' of practices were affected by the attack, including some cases of 'whole practices' being forced to shut down.



The Wingate Medical Centre in Liverpool also tweeted that it was unable to work.

And NHS Liverpool CCG warned patients to only contact their GP practice in an emergency.

NHS Digital said that 'a number of NHS organisations have reported... that they have been affected by a ransomware attack'.

A spokesperson said: 'The investigation is at an early stage but we believe the malware variant is Wanna Decryptor.

'At this stage we do not have any evidence that patient data has been accessed. We will continue to work with affected organisations to confirm this.

'NHS Digital is working closely with the National Cyber Security Centre, the Department of Health and NHS England to support affected organisations, ensure patient safety is protected and to recommend appropriate mitigations.'

According to NHS Digital, the attack was 'not specifically targeted at the NHS and is affecting organisations from across a range of sectors'.

The spokesperson added: 'Our focus is on supporting organisations to manage the incident swiftly and decisively, but we will continue to communicate with NHS colleagues and will share more information as it becomes available.'

Readers' comments (30)

  • make nhs paper free, make nhs patient free
    I am sure cqc will come back with great idea. All drs have to know all about cyber attack, 2 day course by bill gates, with 50% discount to lmc and ccg players who will arrange these programmes.

    Unsuitable or offensive? Report this comment

  • A symptom of obsolete operating systems and underinvestment in It.A reaction by demoralised and brow beaten staff who have had a seven year pay cut.A government who doesn't give a sh@@.What a cluster fu@@.

    Unsuitable or offensive? Report this comment

  • May and @unt will come out with the tired old line"lessons must be learnt".The Tory government are incapable of learning,the are the arrogant self important ruling class they are always right.The Nasty Party.

    Unsuitable or offensive? Report this comment

  • There's been no guidance for practices that are so far unaffected. We took the decision at 2330 to go in and shut off all computers and servers and disconnect all network cables. I haven't a clue if his was a one off action or if it's ongoing. The communication has been completely absent. I tried calling a number given by NHS digital and it goes through to a chaps answerphone. We have probably over reacted but I'd rather turn up on Monday half an hour early to reboot everything that to one of those screenshots.

    Unsuitable or offensive? Report this comment

  • Vinci Ho

    So the Home Secretary , Amber Rudd , said this morning in BBC breakfast , these NHS files were 'supposed' to be back-upped and the government's statement is NOT to pay any ransom.
    How are you judge this, folks ?

    Unsuitable or offensive? Report this comment

  • Vinci Ho

    Could feel Amber Rudd's voice shaken a little bit in this interview........

    Unsuitable or offensive? Report this comment

  • Interesting Amber Rudd is the spokesperson and not $unt. I know she's Home Secretary. A bit of Tory pre-election opportunism and jostling in position to please May??

    Unsuitable or offensive? Report this comment

  • Vinci Ho

    So Amber Rudd chaired the Cobra Meeting and said the health secretary had already instructed NHS trusts not to use Windows XP . Hence , the government is innocent.
    What are your thoughts, folks?

    Unsuitable or offensive? Report this comment

  • Presumably someone is going to tell us tomorrow if it's safe (or not) to turn back on on Monday morning? I realise we foot soldiers are as ever low priority, but it would be nice to know a little more than the hoarded when they turn up wanting their statins.

    Unsuitable or offensive? Report this comment

  • Dear All,
    In addition to all the detailed stuff on the various NHSE NHSD, Supplier, RCGP etc web sites here's some simpler stuff;

    The WannaCry virus is a self-propagating “worm” that seeks out vulnerable computers linked via networks. Once introduced to a network it burrows from workstation to workstation like a software mole, only surfacing every now and then on unprotected PCs with its threatening screen.

    Like a mole it has to be isolated and then dealt with.

    It can be beaten and removed

    Although it threatens to encrypt your files it does not

    It only works on the Windows operating systems

    It has not affected the GP system suppliers, none of the GPSoC clinical system suppliers have been infected and no patient data has been affected. Stories of EMIS or TPP being “down” reflect the local networks being shut down not any problem with the system suppliers.

    If you see the screen on a PC immediately unplug the network cable from the back of the PC or from the socket in the wall.

    At the end that plugs into the PC there are often two small green LEDs adjacent to the cable socket that flash intermittently.

    Then close down the PC, you can do this by simply pressing and keep pressing the power button until the PC stops. Alternatively hold down the ALT key and then press the F4 key, doing this repeatedly and closing any programs running should eventually show you a “close down this PC” box.

    Once the PC has been disconnected and turned off the virus will have been isolated and can then be dealt with.

    Do not reconnect that PC to any network until it has been cleansed.

    Different areas will have different solutions.

    Contact your local IT support / AT / CSU for advice, browse the various sites available at NHS Digital, NHSE, CyberCert, RCGP, EMIS and TPP etc.

    For practices still using Microsoft XP, although this is an obsolete system and no longer officially supported by Microsoft they have, in response to this global event, created a patch for XP. This means once cleansed you will be able to resume using these workstations.

    It is likely that fixes will be applied by downloading them onto fobs and then transferring them onto the affected PCs.

    It is safe to continue use NHS Mail.

    It can lie dormant, so even apparently unaffected PCs may still harbour the virus. So in the next week make sure EVERY pc in your surgery gets a full virus / malware scan.

    Paul C

    Unsuitable or offensive? Report this comment

View results 10 results per page20 results per page50 results per page

Have your say