Hundreds of cyber attacks on Yorkshire public services

Hundreds of successful cyber attacks have breached the security systems of Yorkshire's hospitals, councils and universities, The Yorkshire Post reveals today.
ll
l

Almost 300 successful attacks took place on three of the county’s largest universities, with three councils also reporting incidents in which hackers locked files and demanded ransoms.

Several NHS trusts across Yorkshire were seriously affected by the recent worldwide WannaCry ransomware attack, resulting in the cancellation of dozens of operations and appointments.

Hide Ad
Hide Ad

Detective Chief Inspector Andrew Fyfe, from the National Fraud Intelligence Bureau, said the nature of the NHS makes hospitals particularly vulnerable when attacks like WannaCry occur.

“With the NHS, the risk with ransomware attacks is that the data is frozen so you can’t access or make use of it,” he said.

“In the case of hospitals, this means they can’t access medical information so some had to shut down scanning equipment and cancel operations. Indirectly, this could cost lives.”

More than 1,800 computers at York Teaching Hospital NHS Foundation Trust, which runs hospitals in York and Scarborough, were infected with the impact resulting in 31 elective surgical procedures and 59 outpatient appointments being cancelled.

Hide Ad
Hide Ad

Prior to WannaCry, two separate successful attacks in which NHS files were encrypted and a ransom demanded were carried out the Mid Yorkshire Hospitals NHS Trust in 2016/17. A criminal investigation is ongoing into a separate cyber attack which hit Northern Lincolnshire and Goole NHS Foundation Trust in November.

That trust was also affected by WannaCry in May, along with Barnsley Hospital and the Hull and East Yorkshire Hospitals NHS Trust.

Full details of the national impact of the WannaCry attack are yet to be made public, but an investigation by The Yorkshire Post and its sister titles has found at least 8,000 patients had operations and appointments cancelled after 47 trusts in England were affected.

Public-sector organisations across Yorkshire have revealed the extraordinary level to which they are targeted by cyber criminals, with Leeds City Council alone having to repel around one million attacks per month.

Hide Ad
Hide Ad

Across the country, a four-month investigation has shown the extent to which the cyber defences of Britain’s public bodies are being penetrated.

Between March 2014 and April this year there were 424 successful attacks on the computer systems of 182 NHS bodies, local authorities and other public bodies. A total of 111 UK councils reported 256 ransomware incidents.

Kirklees, Barnsley and Sheffield Councils were all affected, as were the universities of York, Huddersfield and Leeds Beckett. All the organisations said no ransoms were paid or data lost.

Nationally, incidents included hospital websites being blocked for months to the encryption of 20,000 adult social care records. Despite such attacks being criminal acts, many are going unreported to the police.

Hide Ad
Hide Ad

Gerald Vernon-Jackson, former vice chairman of the Local Government Association, said: “If information gets into the wrong hands it puts councils at significant risk. On the whole, council IT systems are particularly good because they rely on them so much. But like with the NHS, it can be that we get stuff that gets through.”