13 NHS health boards in Scotland affected by cyberattack

Thirteen health boards across Scotland have been affected by Friday's global cyberattack, the Scottish Government has confirmed.

Health secretary Shona Robison confirmed 13 NHS boards had been affected in Scotland. Picture: Greg Macvean

Health secretary Shona Robison, right, said staff were working to protect and restore their systems, but indicated some may not be operational by Monday.

A handful of health boards in England were continuing to wrestle with problems following the ransomware attack, which hit organisations in 99 countries.

Sign up to our daily newsletter

The i newsletter cut through the noise

Car manufacturer Nissan was the latest company to reveal it had been targeted, although it said yesterday there had been “no major impact”.

The Scottish Government said there have been no further reported problems with NHS systems. To date, the organisations affected include: NHS Border, NHS Dumfries and Galloway, NHS 
Fife, NHS Forth Valley, NHS Lanarkshire, NHS Greater Glasgow and Clyde, NHS Tayside, NHS Western Isles, NHS Highlands, NHS Grampian and NHS Ayrshire and Arran, as well as NHS National Services and the Scottish Ambulance Service.

In a statement, the government said “measures to isolate any issues are now in place, with some systems expected to be operational over the weekend”.

There is no evidence that patient data has been compromised, and patient services, including emergency services, are continuing to operate.

Other public bodies are currently running checks on their systems as a precaution ahead of the start of the working week, the government added.

Robison said: “We have taken all necessary steps to ensure the cause and nature of this attack is identified and have managed to isolate the issues within the NHS in Scotland. Boards are working on protecting and restoring those systems where possible, with a view to getting most operational by Monday.”

What is ransomware?

he cyberattack which hit the NHS was a ransomware attack which encrypts files on a user’s computer, blocking them from view and threatening to delete them unless a payment is made.

The virus is usually covertly installed on computers via innocent-looking emails containing links which users are tricked into opening.

Once opened, the malware can install itself on a system without the user’s knowledge.

The virus is then able to encrypt files and block user access to them, displaying a pop-up window onscreen telling users they have been blocked and demanding payment.

It is possible to remove ransomware without payment by using advanced anti-malware software.