Scots NHS told 3 months ago to protect data from attacks

NHS health boards in Scotland were warned in February of the need to review the resilience and backup procedures of their computer systems to protect patient data from cyber attacks, the Scottish Government said last night.

NHS boards in Scotland were warned to protect data from potential cyber attacks. Picture: Getty Images/iStockphoto
NHS boards in Scotland were warned to protect data from potential cyber attacks. Picture: Getty Images/iStockphoto

In a statement following the second meeting of Holyrood’s resilence committee after the largest-ever global cyber attack last Friday, it was confirmed there had been no spike in hacking incidents after organisations returned to work yesterday.

MSPs were told that approximately one per cent of computers in the NHS in Scotland were affected by the attack, but no patient data had been lost.

A total of 11 area health boards had been affected but yesterday brought only a few reports of ongoing difficulties such as the Scottish Prison Service’s website and email which was down for a short while.

They were also told health boards had put extra teams in place to support staff and that work has taken place to recover NHS systems.

Furthermore, priority has been given to maintaining patient safety and ensuring patient data is not compromised.

Subject to approval, Shona Robison, MSP, health secretary, will make a Parliamentary statement on the attacks today.

Ms Robinson said cyber attacks reinforced the need for everyone to guard against future incidents.

“Systems are returning to normal today and I would like to thank NHS staff for their hard work over the weekend.

“It is important to emphasise that patient safety is paramount and there is no evidence that patient data has been compromised.

“However Friday’s attack has highlighted the need for everyone to have appropriate and robust measures in place to protect against cyber attacks which could strike any IT system at any time.

“Police Scotland are investigating the attack, working closely with the National Crime Agency which is leading the UK-wide law enforcement investigative response.

“Subject to approval, I will update Parliament on the latest situation tomorrow.”

Microsoft’s chief lawyer, Brad Smith, said the attacks should act as a “wake-up” call to governments worldwide and laid part of the blame on US intelligence agencies the CIA and National Security Agency for “stockpiling” software code which could be exploited by hackers.

Mr Smith, said the ransomware attacks used data stolen form NSA, containing information about software vulnerabilities.