NHS computers still run system attacked by WannaCry hack

The majority of NHS health boards in Scotland are still operating outdated computer systems despite last year's crippling cyber attacks which exploited a flaw in the programme.

By The Newsroom Sunday, 25th March 2018, 11:08 am Updated Sunday, 25th March 2018, 11:23 am

Edinburgh Royal Infirmary's A&E Department. Lothian has by far the highest proportion of computers running XP. Picture: Greg Macvean

A total of 11 out of 14 authorities confirmed through a Freedom of Information (FoI) request that they still operate Windows XP, which was targeted by criminals using malicious ransomware software known as WannaCry.

Almost 3,000 out of 19,251 computers (15 per cent) across NHS Lothian continue to run Windows XP, making the health board the most vulnerable to a further attack.


Microsoft ended support for Windows XP in April 2014. The last major security update was carried out as far back as 2008. Last May, Microsoft released a one-off patch for XP to prevent users sharing files that were being used to spread the ransomware virus across the world, including the UK-wide NHS infrastructure.

Shadow health secretary Miles Briggs said it was “completely irresponsible” to be running out-of-date computer programs.

“The cyber attacks last May affected 11 of the 14 health boards in Scotland and NHS Lothian was fortunate not to have been hit,” he said. “NHS Lothian has by far the most computers running on Windows XP, that no longer runs security updates, leaving NHS Lothian open to cyber attack.”

Half of the NHS boards in Scotland failed to provide a date by which they would phase out the Windows XP system, and Police Scotland claimed an exemption from the FoI on the basis that “disclosure would provide those intent on disrupting police activities with enough information to plan and execute a targeted attack”.

Hackers often demand that their victims pay a ransom to access their frozen files or to remove harmful programs. They dupe users into clicking on a fake link, whether in an email or on a website, causing an infection that corrupts the computer.