NHS still reeling following ransomware attack as govt remains in dark over culprit

Patients are facing a weekend of delays as the UK’s National Health Service (NHS) battles to get its systems back online in the wake of a global ransomware attack.

The virus, which has affected approximately 130,000 PCs around the world, hit the UK’s health service particularly hard on Friday, affecting at least 39 hospitals along with GP and dental services around England and Scotland.

The ransomware has also reportedly hit factories, universities, major corporations, and the Russian Interior Ministry.

In the UK, some ambulances were forced to divert to other hospitals and doctors were forced to cancel operations as the attack seized computers and made patient records unavailable. Non-emergency patients are being asked to use the service frugally.

“However much they pretend patient safety is unaffected, it’s not true. At my hospital we are literally unable to do any x-rays, which are an essential component of emergency medicine,” one doctor at a London hospital told The Guardian.

The ransomware virus targets Windows users by blocking their personal files and demanding $300 worth of bitcoin to restore access.

The virus exploits a vulnerability that is understood to have been discovered and developed by the National Security Agency (NSA). The exploit was leaked by a group calling itself the Shadow Brokers, which has been distributing the stolen tools online since last year.

READ MORE: Leaked NSA exploit blamed for global ransomware cyberattack

Former NSA contractor turned whistleblower Edward Snowden questioned the agency’s conduct regarding the malware.

The UK’s National Cyber Security Centre say they are working “around the clock” to bring NHS systems back online. The center also said there is no evidence that patient data has been accessed – a statement that was echoed by UK Prime Minister Theresa May.

UK Interior Minister Amber Rudd admitted that the government remains in the dark over who is behind the global attack.

“We’re not able to tell you who’s behind the attack. That work is still ongoing,” she told BBC radio.

However, Rudd did clarify that the attack was not specifically targeting the NHS: “(The virus) feels random in terms of where it’s gone to and where it’s been opened.”

She also admitted that there is a chance not all NHS files were backed up before the attack. “That is the instructions that everybody has received in the past,” she outlined. “That is good cyber defense, but I expect, and we will find out over the next few days if there are any holes in that.”

“It is disappointing that they [the NHS] have been running Windows XP, I know that the secretary of state for health has instructed them not to and most have moved off it,” she told Sky News.

Rudd will chair a ‘COBRA’ crisis response cabinet meeting on Saturday afternoon.

In Scotland, 11 out of the 14 NHS health boards were hit by the ransomware bug. Scottish Health Secretary Shona Robison told BBC Radio Scotland that efforts to combat the attack had entered a “recovery phase.”

“People are working very, very hard and have worked through the night. The update I’ve got this morning is that we’re very much into recovery phase now, with a lot of work going on to get systems back up running,” Robison explained. Wales NHS was unaffected by the virus.