Virus shuts down NHS North Lincolnshire and Goole – are you next?

Northern Lincolnshire and Goole NHS Foundation Trust shut down the a large portion of its electronic systems on Sunday and cancelled the majority of its operations for the two days after a computer virus was detected.

The NHS has called a major incident and all planned operations, outpatient appointments and diagnostic procedures were cancelled for Monday and Tuesday, but how could a major public body such as the NHS be a victim of such a deadly hack?

To better understand ransomware here a brief introduction from our friends at Sophos:

As the hack developed the trust has said it has taken dramatic steps and are seeking “expert advice” on a response and a diaster recovery plan for the future, but as a priority they are working to ensure the saftey of their staff and their patients as well.

If you visited the trust’s site during the days of the hack you would have been presented by a red alert splash screen that notified patients of the hack, the following explanation was given:


“A virus infected our electronic systems yesterday (Sunday October 30) and we have taken the decision, following expert advice, to shut down the majority of our systems so we can isolate and destroy it.

“Our main priority is patient safety. A major incident has been called and all planned operations, outpatient appointments and diagnostic procedures have been cancelled for today and tomorrow.

“All adult patients (over 18) should presume their appointment/procedure has been cancelled unless they are contacted. Those who turn up will be turned away.

“Inpatients will continue to be cared for and discharged as soon as they are medically fit. Major trauma cases will be diverted to neighbouring hospitals, as will high risk women in labour.

While our emergency departments remain open and are accepting ambulances, we would urge people to only visit if they absolutely need to. We are reviewing the situation on an hourly basis.”

The trust adds that further updates will be posted on the website and social media channels. The red alert statement adds: “We would like to apologise to all patients who are affected.”

We are yet to know discover how badly the virus penterated the NHS systems, however, a the public are developing a growing concern for other NHS trusts around the country and other public operations that could use a similar security infrastructure to the trust.

The NHS has set up a careCERT at NHS Digital to advise the health service on potential attacks and on best-practice for dealing with them.

How do I avoid getting Cryptolocker? Are there preventative measures?

  • Back up your data – it’s a simple procedure but can save you time and money if you ever became a victim of ransomware.
  • Educate your employees to not open potentially malicious emails. Remember, if it looks suspicious get another set of eyes to review the email.
  • Look at IT Security solutions such as Sophos Intercept X which offers multi-layered protection against ransomware.
  • Being particularly wary of emails from senders you don’t know, especially those with attached files.
  • Disabling hidden file extensions in Windows will also help recognize this type of attack.

How can I learn more?

Join us at the Humber IT & Software Showcase in Willerby on the 11.11.16 as we discuss IT Security, Ransomware and the importance of understanding your IT. We’ve got speakers from; Sophos, Microsoft, HBP Systems and more. For more information visit our showcase webpage: