GETTY St Barts Health in London, was the victim of a Trojan malware attack

FREE now SUBSCRIBE Invalid email Make the most of your money by signing up to our newsletter fornow We will use your email address only for sending you newsletters. Please see our Privacy Notice for details of your data protection rights.

A recent report highlighted serious failings in the US healthcare sector, with concerns hackers and cyber criminals could be turning their sights to the NHS next. And earlier this year the UK’s largest hospital trust, St Barts Health in London, was the victim of a Trojan malware attack. The attack is thought to have affected some operations but the Trust later issued a statement confirming its systems had not been compromised. A spokesman, said immediate steps were taken to “contain a virus in the Trust's computers”. He addedd: “The virus has been quarantined, and all major clinical systems are up and running. “No patient data was affected, there was no unauthorised access to medical records, and our anti-virus protection has now been updated to prevent any recurrence. “The computerised pathology results service is back online and processing requests as normal.” James Scott, a senior fellow at the Institute for Critical Infrastructure technology, produced a report entitled 'How to Crush the Health Sector's Ransomware Pandemic' which warned of the potential effects of ransomware in the US.

Shocking charts show the NHS could be in crisis Thu, February 9, 2017 Do these charts prove the NHS is in trouble? Play slideshow Getty Images 1 of 9

It said: “In 2016, the health sector was pummelled by ransomware attacks, insider threats, APT campaigns, and other cyber-attacks designed to distract, consume resources, profit by compromising the confidentiality, availability, or integrity of critical health systems. “Ransomware threatens even the basic comfort of knowing that care is available because a single ransomware attack can self-propagate through a healthcare network and render essential equipment non-operational. “Worse, ransomware is still developing as an attack vector. Soon it may be able to precision target specialised equipment, infect patient IoT devices, or do much worse. “A piece of medical equipment being lost during a procedure due to an inadvertent scan for malware by legacy technology or ransomware infecting the main hospital EMR can not only negatively impact the patient, but may also cause grave harm. Hospitals are targeted with roughly 88 per cent of all ransomware attacks.

GETTY Mr Scott's report extensively detailed patients' data being sold on the dark web

“Ransomware is used as either a direct revenue stream (the attacker is dependent on the ransom) or as an indirect/ diversionary vector (the attacker uses the ransomware as a distraction and exfiltrates sensitive data amid the panic).” Mr Scott outlined the expensive and potentially devastating attacks healthcare providers have come under. Last January a ransomware attack stopped the Titus Regional Medical Center in Mount Pleasant, in Texas, from accessing its files. The following month Hollywood's Presbyterian Medical Center was forced to cough up $17,000 (£13,713) to bring an end to a two-week attack.

The same month the Los Angeles County health department identified at least five traces of ransomware on its systems. Four administrative computers in The Ottawa Hospital were infected, and in March 2016 the Methodist Hospital, Kentucky, was unable to use its electronic web-based systems due to an attack. Hackers who infiltrated the Kansas Heart Hospital demanded extra cash to decrypt critical systems after the hospital paid an initial ransom. And attackers demanded cash in exchange for the release of critical systems at the Chino Valley Medical Center and the Desert Valley Hospital in Victorville, both in California.

GETTY NHS Digital said no ransoms had been paid out that they were aware of

Marin General Healthcare District and Prima Medical Group saw 5,226 patients' records affected after a ransomware attack. And not just the US has been affected, with the email systems of Lukas Hospital and the systems of Klinikum Arnsberg hospital, in Germany, also attacked in February 2016. UK Healthcare Sector Manager at Sophos, Jonathan Lee, explained the impact ransomware could have if it made its way into the NHS. He said: “One of the more recent threats we have seen increasingly affecting NHS organisations is ransomware.

One of the more recent threats we have seen increasingly affecting NHS organisations is ransomware Jonathan Lee

“This is a type of malicious software designed to block access to files on your computer until the ransom is paid, which can cause massive disruption to an organisation’s productivity and their ability to treat patients. "The NHS is not one entity and so readiness to combat a ransomware attack varies from organisation to organisation. "The recent incidents that have made national headlines have raised awareness and highlighted the importance of cyber security right up to board level, which is a positive thing. "NHS organisations have always been aware that the data they have on record is highly sensitive.

"In 2010, one NHS Trust based in the south of England – that treats over three quarters of a million patients each year – incurred a fine of over £300k when confidential patient data was discovered on hard drives sold on eBay. "If a ransomware attack hit an NHS system, which then meant patients couldn’t be treated, this would obviously have an impact on patient care." Mr Scott's report extensively detailed patients' data being sold on the dark web for eye-watering fees, costing each victim on average $2,500 (£1,948) per incident. The HIPAA journal, in conjunction with databreaches.net, revealed health data breaches affecting 388,307 patients in the US this January alone. Barrister Robert Edwards, a cybercrime and fraud specialist at St John’s Buildings, said: “With criminals now able to anonymously access huge banks of high-value information by exploiting access through one vulnerable unsecured device, it is of little surprise that organisations harbouring the most sensitive data are targeted.

GETTY The email systems of a German hospital were also targetted