Six NHS trusts still dealing with cyber attack that hit one in five across England, says Home Secretary

Sign up to our free weekly IndyTech newsletter delivered straight to your inbox

Sign up to our free IndyTech newsletter

Please enter a valid email address

Please enter a valid email address

SIGN UP

I would like to be emailed about offers, events and updates from The Independent. Read our privacy policy

Six NHS trusts in England are still being affected by the ransomware cyber attack, Home Secretary Amber Rudd has said following a meeting of the Government’s emergency Cobra committee.

Ms Rudd said 48 of the 248 trusts in England were hit by the program but the other 42 had managed to recover control of their systems.

The problems forced hospitals to cancel appointments and delay treatment as medical files could not be immediately accessed and have affected thousands of companies and government departments in some 100 countries around the world, including the US and Russia.

The attack's spread was limited after a cyber analyst, working while on holiday, accidentally triggered a hidden ‘kill switch’ in the malicious software.

The 22-year-old, who tweets as @MalwareTechBlog, said he bought a domain name buried in the WannaCry program’s code for just $10.69 (£8.29).

When the ransomware tried to use the address as a trigger mechanism it was diverted, halting a huge number of potential attacks.

Ransomware locks users out of their files and demands payment – in this case, in the Bitcoin cryptocurrency – to release them.

After the Cobra meeting, Ms Rudd said: “Of the 48 that have been impacted, most of [the trusts] are back to normal course of business.

“So only six of them have some limits on their business.”

She claimed the problems were not a sign that the NHS had been unprepared for such an attack.

“If you look at who's been impacted by this virus, it’s a huge variety across different industries and across international governments,” Ms Rudd said.

“This is a virus that attacked Windows platforms. The fact is the NHS has fallen victim to this.

“I don't think it's to do with that preparedness. There's always more we can all do to make sure we're secure against viruses, but I think there have already been good preparations in place by the NHS to make sure they were ready for this sort of attack.”

However, she admitted, “there's always more” that can be done to protect against viruses.

The Japanese car giant Nissan admitted on Saturday morning that its Sunderland factory had also fallen victim to ransomware.

France’s Renault was also affected.

A Nissan spokesman said: “Like many organizations around the world, some Nissan entities were recently targeted by a ransomware attack. Our teams are responding accordingly and there has been no major impact on our business. We are continuing to monitor the situation.”

Though the problem is infamous in the UK for the damage it has done to NHS systems, the effects have focused most specifically on Spain and Russia, according to experts.

“This cyber attack is much larger than just the NHS,” said Travis Farral, the director of security strategy for cyber security firm Anomali Labs. “It appears to be a giant campaign that has hit Spain and Russia the hardest.”

The software is believed to be using an American cyber-weapon leaked to the public earlier this year. The ransomware is taking advantage of EternalBlue, an exploit spies used to secretly break into Windows machines, according to the Register.

Microsoft patched the issue earlier this year, but only on version of the Windows operating system that it continues to support. Up to 90 per cent of NHS computers still run Windows XP, according to a report published in the British Medical Journal earlier this week.

The operating system was released in 2001, and Microsoft cut support for it in 2014. People can continue to use it, but doing so comes with enormous risks.