NHS Major 'Cyber Incident' Forces Hospitals To Use Pen and Paper

The ongoing cybersecurity incident affecting a North West England NHS group has forced sites to fall back on pen-and-paper operations. From a report: The Wirral University Teaching Hospital NHS Trust updated its official line on the incident on Wednesday evening, revealing new details about the case, but remains coy about the true nature of the attack.

"After detecting suspicious activity, as a precaution, we isolated our systems to ensure that the problem did not spread. This resulted in some IT systems being offline," the updated statement said.

"We have reverted to our business continuity processes and are using paper rather than digital in the areas affected. We are working closely with the national cybersecurity services and we are planning to return to normal services at the earliest opportunity."

Re:The best heathcare in the world

[ArchieBunker]

I wonder why... https://www.thelancet.com/jour... [thelancet.com]

Re:The best heathcare in the world

[Powercntrl]

I wonder why... https://www.thelancet.com/jour... [thelancet.com]

Yeah, but you figure that's a country that actually has had a national healthcare system for quite awhile and their conservatives are still trying to dismantle it. Could you imagine how it would go in the USA if we ever managed to pass some sort of healthcare-for-all bill? Heck, let's pretend it actually happened under Biden; it would be the first thing to go on the new administration's to-do list.

In order for socialized healthcare to work in a democracy, it needs to have an overwhelming mandate, otherwise you'll just be stuck with the opposing party constantly sabotaging it every time they get back into power. In today's polarized political climate, I just don't see that happening.

Re: The best heathcare in the world

[ArmoredDragon]

What happened when they were hit by wannacry?

I actually worked cybersecurity for a very large US hospital provider for years and kept hearing about NHS getting slapped by this or that, and it always happened a few weeks or even months after we had already ensured that every last one of our systems was patched.

To the "we gone paperless" boasters

[Malay2bowman]

This shows the importance of hard printed records, and learning how to use 'antiquated' tech such as file cabinets and card catalogs.

Re:

[taustin]

Go work in retail for a while. Most people can't read printing, either, even in two foot high letters on a sign they have to move to down an aisle that's closed due to alligators eating people.

Re:

[Malay2bowman]

"Most people can't read printing, either," That means the education system is failing.

Re:

[taustin]

You been asleep for the last 50 years?

Re:

[Malay2bowman]

Strangely enough, I see paper receipts being printed out all the time when I go to a store, and I don't see any cashiers freaking out and jumping out of windows.

Re:

[thegarbz]

This shows the importance of hard printed records, and learning how to use 'antiquated' tech such as file cabinets and card catalogs.

Not really. It shows the importance of a business continuity plan. Not everything needs to be hard printed, and a significant portion of a hospital (or any other business) can go paperless. The point of a good business continuity plan is to establish what needs to be done to maintain function during an outage. It is not the opposite of "going paperless".

Re:

[bleedingobvious]

I see you imagine Linux is immune to compromise.

I also see you wallowing in ignorance.

Pro-tip: Maybe spend more effort on checking your bias before blabbing so confidently about how your chosen OS is bullet proof.

Re:

[gweihir]

Nice strawman-type lie you go there. Despicable.

Re:

[thegarbz]

The only person who thinks they can solve cybersecurity by switching OSes is the kind of person who causes cybersecurity problems for their company. Your post is dumb and you should feel dumb for making it.

Re:

[gweihir]

That is just complete BS. Some cybersecurity problems _can_ be solved by switching OSes. Especially when the switch is away from the most crappy offering on the market.

What did they expect

[backslashdot]

A large number of computers there are still running Windows XP on ancient hardware that was created before some of their employees were even born.

Re:

[geekmux]

A large number of computers there are still running Windows XP on ancient hardware that was created before some of their employees were even born.

I’m gonna laugh hard when the details of the hack emerge, and WinXP systems hardly got touched because even the hacking group didn’t think their shit was THAT old.

Re:

[ChumpusRex2003]

I was speaking to the CIO at a different NHS trust and this topic came up in conversation. He claimed that the hack so far appeared "purely opportunistic, unsophisticated and easily preventable".

Part of the issue is likely that IT is severely under resourced in the NHS. Many NHS organisations are still organised on the assumption of IT as a cost centre, rather than a core business process. The result is that IT doesn't get representation at executive level - so rather than a CTO or CIO explaining matters

MICROS~1 Windows strikes again .. ..

[Mirnotoriety]

How We Use Your Information [wuth.nhs.uk]:

Who We Share Your Data With [archive.ph]

“Where care is delivered virtually, data may need to be securely transferred and stored using Microsoft 365 applications eg. Teams for virtual group therapy sessions”
--

Microsoft Teams training helps NHS staff work remotely during the COVID-19 pandemic [bytes.co.uk].

“During the lockdown, Microsoft announced they would help the NHS by providing Teams to them for free [archive.ph]. Teams is a tool that helps staff meet and collaborate regardless of location.”

“LMS365 [archive.ph] .. a collaborative platform created by Microsoft and the NHS to provide a secure and reliable cloud-based infrastructure for health and social care organizations in the UK.”

Putting Humpty back together again

[Tablizer]

I've seen it where they try to key the data on the paper forms back into the computer when it's restored in order to have normal reporting continue. But some required fields are missing or there is no clear matching drop-down for some written categories. It requires a lot of work to clean up, as the original intent is sometimes not known. A best guess is often made with a note in the comments section pointing the guessed fields out.

With one dodgy system they had to make it "down friendly" to make such restorations easier. (It was way past replacement time. Incompetent management wanted to spend the replacement money on fancy executive toys instead. Dilbertian Morons.)

Shame

[eneville]

What happened to nhsbuntu?

Re:Not even government regs...

[Geoffrey.landis]

I'm not generally a fan of government regulations... but

This is, of course, exactly why there are many government regulations. Because the people wanting fewer government regulations follow their words with "but"... and then suggest more government regulations.

If you actually did want fewer government regulations, you would have to trust people (and organizations) to do the right thing without government regulations mandating that they do it, or else accept the consequences of people not doing the right thing because there's no regulation telling them to.