25 NHS trusts and multiple doctors' practices in England and Scotland (but so far, not Northern Ireland or Wales) report that they have had to effectively shut down due to a massive Wcry ransomware infection that has stolen whole swathes of the English healthcare system in one go. The infection appears to exploit a bug that the NSA discovered and deliberately kept secret, only to have it revealed by the Shadow Brokers.
NHS spokespeople deny that the attacks were targeted at the medical system -- it is part of a wider flood of ransomware attacks hitting the whole world today.
This echoes the wave of 2015/16 ransomware attacks on US hospitals, in which opportunistic attacks seemingly accidentally shut down several hospitals. In those cases, it appeared that at first the criminals thought they'd hit paydirt and demanded huge sums, then settled for relatively small ones when they sensed that stealing a hospital was likely to evince a concerted policing effort that could land them in hot water, so they cut their losses (there was even an English hospital stolen in that wave).
Among those affected are:
* Blackpool, Lancashire - asked people not to attend A&E unless it was an emergency
* Broomfield Hospital, Essex
* Colchester General Hospital
* Derbyshire - shut down all IT systems
* Great Yarmouth
* Hertfordshire (East & North) - experiencing problems with computers and phone systems
* James Paget (Norfolk)
* Lanarkshire - closed down its non-essential IT network and urged patients only to attend A&E in an emergency
* Lister, Stevenage - postponed all non-urgent activity and asking people not to come to A&E
* Northwick Park (NW London)
* Queens Hospital, Burton
* Royal Berkshire - phone lines may have problems but patient care remains unaffected
* St Bartholomew and Royal London
* UHNM - Royal Stoke
* Watford General
Ransomware WCry is making a lot of victims worldwide: GE, ID, JP, MX, PH, RU, SP, ES, TW, NL, TR, PT, UA, VN, FR and In the UK at the NHS. pic.twitter.com/lr5MO6RAvw— Victor Gevers (@0xDUDE) May 12, 2017