Privacy & Security

WannaCry victim NHS Lanarkshire hit by new ransomware strain

The Scottish health system is operating under contingency plans, as it works to regain normal operations.
By Jessica Davis
August 29, 2017
12:13 PM

Scotland’s NHS Lanarkshire was hit by ransomware on Friday, delaying some services and operations at a few of the trust’s hospitals.

NHS Lanarkshire makes up of Hairmyres, Monklands, Wishaw General and Community Hospitals, along with several health centers and treatment centers.

Lanarkshire officials quickly acknowledged the attack, citing IT difficulties. And patients were encouraged to think before visiting the emergency departments, while systems were down. However, “emergency care will still be provided for those who do require to be seen."

[Register Now: Upcoming HIMSS Healthcare Security Forum]

The following day, officials reported it was malware and that its staff “have worked hard to minimize the impact on patients and our contingency plans have ensured we have been able to continue to deliver services while the IT issues were resolved.”

“Unfortunately a small number of procedures and appointments have been cancelled as a result of the incident,” officials said. “I would like to apologize to anyone who has been affected by this disruption, however I can assure you that work is already underway to reappoint patients.”

By the weekend, a majority of services had been restored, but officials said it will still be some time until operations are back to normal. Wait times have been longer than normal during the incident.

The investigation revealed the attack was ransomware, specifically a new strain called Bit Paymer -- a well-coded strain that looks like the work of experienced programmers, a report from BleepingComputer found.

Other samples of Bit Paymer were found by the security-researching site in mid-July, while other security researchers saw similar campaigns in June. The ransomware spreads using brute-force campaigns on unpatched RDP endpoints.

Once the hacker is in, the attackers move across the victim’s network and install the virus on each computer within the breached system. There’s currently no way to decrypt the Bit Paymer, and the ransomware asks for up to $230,000 to decrypt infected files.

This is the second time NHS Lanarkshire has fallen victim to ransomware. It was one of the hardest hit hospitals of the WannaCry attacks in May that crippled services at the majority of the U.K.’s National Health System.

Twitter: @JessieFDavis
Email the writer: jessica.davis@himssmedia.com

Topics: 
Privacy & Security

More regional news

A doctor with glasses sits at a desk and speaks during a telehealth visit.

DEA and HHS extend virtual prescribing for controlled substances through 2025

By
Andrea Fox
November 18, 2024
George Pappas of Intraprise Health on cybersecurity

How to protect telemedicine from cyberattacks

By
Bill Siwicki
November 18, 2024
Doctor talking notes while talking to a tablet

Modernizing acute care: the economic impact of bedside telehealth

November 18, 2024
Want to get more stories like this one? Get daily news updates from Healthcare IT News.
Your subscription has been saved.
Something went wrong. Please try again.

Top Story

A doctor with glasses sits at a desk and speaks during a telehealth visit.
DEA and HHS extend virtual prescribing for controlled substances through 2025

Most Read

Vendor Notebook: New cybersecurity and EHR performance upgrades 
Particle Health files antitrust suit against Epic
Choosing a managed IT service for aged care
ASTP intros 2024 draft Federal FHIR Action Plan
CrowdStrike all but assures Capitol Hill: Never again
Korea's largest hospital bags APAC's first Stage 6 of new INFRAM

Research

White Papers

More Whitepapers

Patient Engagement
Patient Engagement
Financial/Revenue Cycle Management

Webinars

More Webinars

Imaging
Interoperability
Artificial Intelligence

Video

Dr. Jay Anders at Medicomp Systems_Computer chip with stethoscope Photo by Just_Super/iStock/Getty Images Plus
Transparency and responsible AI are crucial for medical devices
Lee Kim at HIMSS_Global Health Equity Week 2024
AI can be leveraged to improve cybersecurity and health equity
Dr. Keisuke Nakagawa at UC Davis Health_Global Health Equity Week 2024
How artificial intelligence is changing the equation for SDOH integration
Andrea Hsu at National Science and Technology Council_HIMSS24 APAC
Fostering health IT innovation through academic-industrial collaborations

More Stories

U.S. Department of Homeland Security seal
DHS intros framework for AI safety and security, in healthcare and elsewhere
Andrea Hsu at National Science and Technology Council_HIMSS24 APAC
Fostering health IT innovation through academic-industrial collaborations
Doctor smiles and waves into a laptop during a telehealth visit
VA plans to end telehealth copays and fund virtual care access in rural areas
Valerie Rogers at HIMSS_Global Health Equity Week 2024
Technology and policy have a role to play in improving maternal health
Mike Relli at Knight Consulting_Global Health Equity Week 2024
New approaches to improving healthcare access for justice-impacted individuals
HIT professional reviews information on a laptop outside a server room
ASPR seeks feedback on public health orgs' cybersecurity needs
Gabriel Jones of Proprio on AI
Artificial intelligence is enabling big advances in surgery
Pharmacist sorting pills
Deploy RFID technologies to streamline controlled substance management