The long list of cyberattacks grows as Barts Health computers, the UK’s largest NHS Trust, was hit by a targeted cyberattack that took their systems offline and infected them with Trojan malware last Friday, the organization announced.
The attack was immediately detected and the virus quarantined, according to the most recent update. In spite of some early reports, the institution eliminated ransomware as the root cause early on in the detection process.
“The incident was caused by Trojan malware, not ransomware,” according to a Barts Health press release. “The particular virus has never been seen before and, whilst it had the potential to do significant damage to computer network files, our measures to contain the virus were successful.”
Barts Health assures patients that no medical records were accessed and all systems are now functioning normally, including the computerized pathology results service. The Royal London, St Bartholomew’s, Whipps Cross, Mile End and Newham hospitals are part of the Barts Health Trust.
As a precaution, employees were asked to not open email attachments from suspicious or irrelevant sources.
“We have been informed of a major cyber-attack on NHS organizations. Please exercise extreme caution when opening any email attachments from unknown source or that don’t seem relevant to you,” said the trust’s IT director, Tosh Mondal. “We will be carrying out security scans on all computers within the trust so please leave them switched on until further notice.”
Although security researchers have stressed the importance of constantly updating all software to avoid exploits and cyberattacks, research has shown “90 percent of NHS Trusts in England are still running the unsupported Windows XP operating system,” according to Infosecurity. Not only does this make them more prone to attacks, but it exposes medical records and confidential data to hackers.
In addition, many health institutions are behind on their security strategy. Placing a low priority on investment in it exposes their systems to frequent targeted attacks that will also affect sensitive patient data.
Similar attacks were also launched in November on three other hospitals that form part of the Lincolnshire and Google trust.