On Friday 12th May NHS IT and communication systems up and down the UK were shut down as Hospitals and GP surgeries fell victim to a ransomware attack on their computer systems. Staff were presented with a screen stating that their files had been encrypted and demanded $300 in Bitcoins, an online currency, in order to make the data usable again. The virus spread quickly across the heavily networked but aging NHS infrastructure. Affected organisations gave the order to shut down all IT systems to halt the spread and large parts of the NHS lost all telephone and computer systems as they were returned to the world of pen and paper.
At my surgery in Nottingham, we were without computer systems for three working days. Being under “cyber attack” was an interesting experience.
The effect of losing multiple systems all at once was extremely disruptive. To make matters worse, our IT support and CCG also lost the use of their phones, email and computers at the same time. It was impossible to report problems upward, communicate with our colleagues or receive instructions about how to react or respond.
However, we in General Practice and the NHS are an adaptable bunch. It was only a matter of minutes before we were handwriting on the paper from our printers and dusting off the BNFs. Reception did a great job of recreating our appointment ledger on a white board. Patients were understanding. Staff turned to social media and news websites on their phones for information. Before long people across the system were finding alternative ways of communicating, using mobile phone numbers, facebook, twitter and personal emails to cascade information and coordinate our response. Our staff even drove around neighbouring practices to inform them of the instructions to switch off their IT.