UK's largest hospital trust battles Friday 13th malware outbreak

Malware has infected hospital computers at the UK’s biggest NHS trust.

Barts Health, which runs six London hospitals, shut down parts of its network on Friday to prevent the spread of the as-yet-unidentified software nasty. The organization oversees Mile End Hospital, Newham University Hospital, The Royal London Hospital, St Bartholomew's Hospital, The London Chest Hospital, and Whipps Cross University Hospital.

A spokeswoman for the group confirmed to El Reg that it pulled the plug on IT gear as a precaution, and said earlier rumors of a ransomware outbreak were completely false. Patient care has not been affected, she added before pointing us to this statement on the security cockup:

On 13 January, Barts Health became aware of an IT attack.

We are urgently investigating this matter and have taken a number of drives offline as a precautionary measure.

We have already established that the Cerner Millennium patient administration system and the clinical system used for Radiology are not affected. We have tried-and-tested contingency plans in place and are making every effort to ensure that patient care will not be affected.

Aatish Pattni, head of threat prevention in northern Europe for Check Point, said: “This attack could be the result of an employee inadvertently clicking the wrong link in an email, or may be a targeted attack against the trust.”

Malware infections at NHS hospitals are rare but far from unprecedented. Barts itself has been a victim before: in November 2008, PCs at three of its hospitals were knocked offline following an infection by the MyTob worm. The malware outbreak forced the hospitals to briefly reroute ambulances and disrupted hospital administration while the software nasty was contained. ®