Six NHS trusts are STILL crippled by global hack attack admits Home Secretary while Nissan's Sunderland car plant becomes latest victim

• e-mail

A Nissan car plant in Sunderland has become the latest victim of the global cyber attack which has crippled health services across the UK.

The firm confirmed production on vehicles halted last night after systems were infected by the ransomware scam which has struck more than 130,000 IT systems in 100 countries worldwide. 

The cyber attack used code developed by the US National Security Agency which was leaked online last month by a mysterious group called the Shadow Brokers.

It comes as experts claim hospitals were using software 16 years out-of-date and failed to take advantage of updates released by Microsoft two months ago that could have prevented the hack.  

Patients were left in limbo as to when they procedures will take place and whether their personal files are safe, while operations have been cancelled and many hospitals are telling people to stay away from A&E departments.

Home Secretary Amber Rudd chaired an emergency meeting of Cobra this afternoon and confirmed afterwards 42 of 48 hospitals affected had returned to normal. 

Embarrassingly, the crisis came as Prime Minister Theresa May last night announced a pledge to make Britain the safest place to do business online.

Scroll down for video 

A multimillion pound Nissan factory in Sunderland, pictured, has become the latest victim of the cyber attack as a virus developed by the US National Security Agency has been used to bring the NHS to its knees 

St Bartholomew Hospital in London, pictured, is one the affected hospitals. The NHS has so far been unable to confirm whether services are returning to normal, with health bosses criticised by computer experts for being unprepared for the attack

The NHS has been hit by a major cyber attack hitting computers, phones and emergency bleepers in hospitals and GP surgeries - and pop-ups like this one have appeared demanding a ransom

Embarrassingly for Prime Minister Theresa May, pictured in Northern Ireland today, the attack came as she pledged to make Britain the 'safest place to do business online'

A Nissan spokesman told the Newcastle Chronicle staff were working to restore the multimillion pound factory to working order.

A spokesman said: 'Like many organisations, our UK plant was subject to a ransomware attack affecting some of our systems on Friday evening. Our teams are working to resolve the issue.' 

It is understood production has still not resumed today, but that the plant was not operating at full capacity when the attack began. 

Meanwhile, during her election campaigning, Mrs May said: 'We want social media companies to do more to help redress the balance and will take action to make sure they do. 

'These measures will help make Britain the best place in the world to start and run a digital business, and the safest place in the world for people to be online.'

Many are questioning where Health Secretary Jeremy Hunt is after he has so far remained silent on the crisis. 

Shadow health secretary Jonathan Ashworth said concerns were repeatedly flagged about the NHS's outdated computer systems, which left it vulnerable to the virus.

In a letter to Mr Hunt on Saturday he wrote: 'As Secretary of State, I urge you to publically outline the immediate steps you'll be taking to significantly improve cyber security in our NHS.

'The public has a right to know exactly what the Government will do to ensure that such an attack is never repeated again.' 

Home Secretary Amber Rudd, pictured, was unable to confirm if any patient records had been lost following an unprecedented global cyber attack which crippled the NHS and caused up to 45 hospitals to tell patients to stay away

Health Secretary Jeremy Hunt has come under fire from the public for staying silent on the crisis while Labour have urged him to reveal what steps are being taken to avoid a similar attack in the future

Mr Ashworth demanded to know:

• Why NHS organisations failed to act on a critical note from Microsoft two months ago?
• What additional resources are being given to the NHS to bring the situation under control as soon as possible?
• What arrangements are currently in place to protect our NHS, and its sensitive data, against cyber attacks?
• Whether the Government will launch a full, independent inquiry into the events of Friday?
• Reassurance for patients that no patient data has been accessed or compromised in Friday's attack?

He added: 'NHS Trusts have been running thousands of outdated and unsupported Windows XP machines despite the Government ending its annual £5.5million deal with Microsoft, which provided ongoing security support for Windows XP, in May 2015.

'It effectively means that unless individual trusts were willing to pay Microsoft for an extended support deal, since May 2015 their operating systems have been extremely vulnerable to being hacked.'

WHO IS BEHIND THE ATTACK? 

It is currently unknown who the culprits are but it is understood criminal gangs will be investigated and it is likely Russia - which suffered the most from the attack - will form a large part of the inquiry. 

Russia has been the focus of several hacking investigations in recent months, with allegations from US sources of state-sponsored attempts to influence last year's US election.

Cyber spies Fancy Bears also operate out of Russia and have been involved in many recent hacking incidents including releasing details of athletes receiving therapeutic use of banned substances ahead of international competitions.

The identity of the culprits remains unknown but the EU's police agency Europol has launched a taskforce to investigate the crimes, with Russia expected to form a large part of the inquiry (file picture)

These included British cyclists Sir Bradley Wiggins and Chris Froome, both Tour de France winners, which showed they had been given exemptions to use banned drugs to treat asthma and allergies.

The spotlight could also fall on North Korea following claims from security experts last month that state-sponsored hackers targeted banks in 18 countries to steal funds to boost its nuclear programme.

A hacking operation known as Lazarus has targeted financial institutions in Europe, Central and South America, Africa, India and the Middle East, according to Russian researchers.

Cyber security firm Kaspersky Lab said it had obtained digital evidence that fuels suspicions that North Korea was involved in last year's $81 million cyber heist of the Bangladesh central bank's account at the Federal Reserve Bank of New York. 

According to the Guardian, the criminals behind the scam have only generated around $20,000 (£15,500) so far.

North Korea could also fall under the spotlight following accusations of state-sponsored hacking of 18 banks around the world last month. Pictured is leader Kim Jong-Un

Investigators Elliptic, a firm that works with law enforcement agencies to track illegal activity around online currency bitcoin, said it had identified a number of addresses for recipients of the funds, but was unable to identify them so far.

Co-founder Tim Robinson told the paper: 'In terms of identifying the attacker, what we can see at the moment is that around $20,000 worth of ransoms have been paid to these addresses.

'There are actually two versions of this malware, there was one that appeared in April and we've identified one bitcoin address associated with that, and there's a second version which appeared on Friday and we've identified three bitcoin addresses associated with that.

'These three addresses have received 8.2 bitcoins to date, which is about $14,000 dollars, and all of those bitcoins are still within those addresses. The ransomer hasn't withdrawn any of the funds yet so there's no opportunity to trace them.'

Advertisement

Speaking to the BBC, Ms Rudd said no patient data had been 'stolen' but she could not confirm that all NHS files are backed-up, and 'hoped the answer was yes'.

She said: That is the instructions that everybody has received in the past. That is good cyber defence, but I expect, and we will find out over the next few days if there are any holes in that.'

She added: 'There may be lessons to learn from this but the most important thing now is to disrupt the attack, let's come back to afterwards whether there are lessons to be learned.' 

Ms Rudd later told Sky News: 'It is disappointing that they have been running Windows XP - I know that the Secretary of State for Health has instructed them not to and most have moved off it.'

She added: 'Where the patient data has been properly backed up, which has been in most cases, work can continue as normal because the patient data can be downloaded and people can continue with their work.' 

But data released under the Freedom of Information Act in December suggested 90 per cent of NHS trusts are using outdated software Windows XP, which is 16 years old and has been branded 'obsolete', leaving systems more vulnerable to attacks.

Hospitals have been forced to put up notes, pictured, informing patients of the delays due to the lack of IT facilities

This map released by cybersecurity experts, shows the impact of the ransomware around the world - with blue dots showing where attacks have been made. Russia is thought to be the worst affected, while Taiwan fears being the victim of a second wave. Europe was targeted first, meaning there were fewer incidents in the US because companies were able to prepare themselves better

Speaking to BBC Radio 4's Today programme, Ms Rudd added the virus had not been targeted at the NHS, saying the attack 'feels random in terms of where it's gone to and where it's been opened'. 

She added: 'Windows XP is not a good platform for keeping your data as secure as the modern ones, because you can't download the effective patches and anti-virus software for defending against viruses.

'CQC (Care Quality Commission) does do cyber checks on the NHS trusts, on hospitals when they do their visits, and they will be advising NHS trusts to move to modernise their platforms and I think that after this experience, I would expect them all to move forward with modernising.'

Ms Rudd said the UK was a world leader in cyber security, adding: 'So far, all we have seen is patients inconvenienced, some hospitals, some doctors making changes to their daily life.

Labour leader Jeremy Corbyn, pictured in Lowestoft today, called the hackers '21st Century highway robbers'

'But the fact is no data has yet been accessed and the NHS are brilliantly managing to weave through this disruption.'

Labour leader Jeremy Corbyn branded the hackers 'unbelievably disgusting'.

He said: 'What we've now got is a bunch of 21st Century highway robbers that have hacked into our NHS and are basically offering protection money to get the information back in order to treat cancer patients or anybody else.

'It's unbelievably disgusting and I've got nothing but contempt for those people that have done it, and I'm sure all of you would share that.

'But I'm also very angry that in 2014, there was a one-year renewal of the protection system on the NHS systems which was not renewed after that and not renewed the year after that and so are systems are now not upgraded and not protected. As a result, we've got this dreadful situation that NHS workers are facing today.

'And so we obviously support our NHS workers but I tell you this, a Labour government would not leave our NHS's very vital information systems unprotected. We would protect them.'

Meanwhile Russia is believed to be the worst affected country with computers in its interior ministry hit and its second largest phone network - Megafon - also targeted. 

Ticketing machines and computers at German railway stations have also been affected alongside Spanish companies including telecoms giant Telefonica, power firm Iberdrola and utility provider Gas Natural. Shipping company FedEx also confirmed it was hit by the attack.   

Ransomware: How do hackers take your data hostage?

Speaking to Sky News, computer expert Lauri Love warned this may not be the end of the attack.

The Finnish-British national, who is accused of stealing data from the US government, said: 'I'm sad to say that this is probably only just beginning; administrators are in for a very difficult weekend,' he said.

'We should expect to see this in almost every country in the world.

'If you've been infected, not only have your files been encrypted and you're being held to ransom, but your machine is being used as a zombie to attempt to affect other machines on the internet.'

But it is understood the hack has now been stopped thanks to a 'kill switch' that was built into the malware code.

The hackers made the attack able to spread itself by using the NSA code, which is known as Eternal Blue.

The Shadow Brokers released Eternal Blue last month as part of a trove of hacking tools that they said belonged to the US spy agency.

Cambridge University professor Ross Anderson said the attack looked to have exploited a weakness in Microsoft software that was previously fixed by a patch released earlier this year.

But he said the patch may not have been installed on NHS computers and said Health Secretary Jeremy Hunt should be 'roasted' in Parliament.

He told the Guardian: 'If large numbers of NHS organisations failed to act on a critical notice from Microsoft two months ago, then whose fault is that?

'This is the sort of thing for which the secretary of state should get roasted in parliament.'

With the virus spreading at a rate of five million emails per hour, tens of thousands of victims have now been reported in 99 countries including the US, Australia, Belgium, France, Italy and Mexico. 

Researchers with security software maker Avast said they had observed 57,000 infections worldwide with Russia, Ukraine and Taiwan the top targets.

Asian countries reported no major breaches on Saturday, but officials in the region were scrambling to check and the full extent of the damage may not be known for some time.

China's official Xinhua news agency said some secondary schools and universities had been affected, without specifying how many or identifying them. 

The virus's global spread has been slowed by the triggering of the virtual 'kill switch'.

According to The Register, the switch is built in to the virus and causes it to search for a website address that, once activated, stops the transmission.

It is believed that website was activated on Friday, pausing the spread of the virus.   

Love, who is facing extradition to the US over the alleged theft of data from government computers, said the attack is being powered by a 'top of the range cyber weapon' used by spies in the US.

'It appears the cyber attack affected so many computers in the UK in the NHS and in Spain by taking advantage of a very nasty vulnerability in Microsoft Windows, which was dumped by hacking group Shadow Brokers who obtained it from the NSA in America.'  

Amid a huge row over cyber security flaws in the NHS, Theresa May was forced to reassure the public that their patient records had not been compromised.

As a massive hunt began for the hackers and the NHS declared a 'major incident':

• The hack reportedly hit up to 74 countries, but the NHS is thought to have been the biggest institution affected;

• NHS computers, MRI machines and telephones were switched off to stop the attack spreading;

• Staff described computers going down 'one by one';

• Doctors were forced to resort to using pen and paper, while patients told of their agony at having operations cancelled;

• Police sources said the attack bore the hallmarks of a co-ordinated Eastern European or Russian gang operation;

• Experts said they had been warning about an attack on the NHS for months;

• It was claimed the hackers may have taken advantage of a chink in the armour of the Microsoft system revealed by a WikiLeaks dump of CIA documents. 

The 'Wanna Decryptor' virus, spread via email in what experts called a 'highly co-ordinated and aggressive' attack, locked staff out of their terminals and demanded $300 (£230) worth of the virtual currency bitcoins to release the files on each employee account. 

Microsoft had apparently launched a defence patch against the virus in March, but experts said few hospitals had updated their systems. 

Police discussed the cyber attack with NHS staff at Lister Hospital in Stevenage

The Prime Minister insisted the ransomware hit was 'not targeted' at the health service but was part of a wider assault. 

She added: 'The National Cyber Security Centre is working closely with NHS Digital to ensure that they support the organisations concerned and that they protect patient safety.' 

Mrs May stressed it was unlikely the hackers could access private patient data. But the virus is thought to have locked doctors out of patient records, test results and X-ray scans. 

The hackers said the ransom will double if it is not paid within three days and the data will be deleted if it is not paid within a week. 

A note which appeared on computers throughout the afternoon said: 'Ooops, your files have been encrypted! Maybe you are looking for a way to recover your files, but do not waste your time.' 

As of 6.30pm yesterday, at least 37 NHS trusts in England had been affected. Hospitals in London, Blackpool and Colchester are thought to have been the worst hit – but last night the virus spread over the border into Scotland as the NHS admitted the extent of the chaos had not yet become clear. 

It is not known how many computers were affected but if all of the NHS's 1.4 million employees were affected, the health service would have to hand over £326 million to unlock the scrambled data. Security sources said the Government would not pay a ransom. 

RANSOMWARE: THE CYBER ATTACK THAT CRIPPLED THE WORLD

What is ransomware? 

Ransomware is a type of malicious software that criminals use to attack computer systems.

Hackers often demand the victim to pay ransom money to access their files or remove harmful programs.

The aggressive attacks dupe users into clicking on a fake link – whether it's in an email or on a fake website, causing an infection to corrupt the computer.

In some instances, adverts for pornographic website will repeatedly appear on your screen, while in others, a pop-up will state that a piece of your data will be destroyed if you don't pay.

In the case of the NHS attack, the ransomware used was called Wanna Decryptor or 'WannaCry' Virus. 

The WannaCry virus targets Microsoft's widely used Windows operating system and can quickly spread through an entire network of computers in a business or hospital, encrypting files on every PC

What is the WannaCry virus? 

The WannaCry virus targets Microsoft's widely used Windows operating system.

The virus encrypts certain files on the computer and then blackmails the user for money in exchange for the access to the files.

It leaves the user with only two files: Instructions on what to do next and the Wanna Decryptor program itself.

When opened the software tells users that their files have been encrypted and gives them a few days to pay up or their files will be deleted.

It can quickly spread through an entire network of computers in a business or hospital, encrypting files on every PC.

How to protect yourself from ransomware 

Thankfully, there are ways to avoid ransomware attacks, and Norton Antivirus has compiled a list of prevention methods:

1. Use reputable antivirus software and a firewall

2. Back up your computer often

3. Set up a popup blocker

4. Be cautious about clicking links inside emails or on suspicious websites

5. If you do receive a ransom note, disconnect from the Internet

6. Alert authorities 

Advertisement

A spokesman at Barts NHS Health Trust, which runs five hospitals in London, said: 'We have activated our major incident plan to make sure we can maintain the safety and welfare of patients.' 

Dr Krishna Chinthapalli, a registrar at London's National Hospital for Neurology and Neurosurgery, said it was the worst attack of its kind ever seen. 

Just 24 hours before the attack, Dr Chinthapalli wrote in a British Medical Journal paper that the NHS was ill-prepared for a cyber attack – warning that nine out of ten NHS trusts ran an 'obsolete' version of Windows. 

He wrote: 'We should be prepared – more hospitals will almost certainly be shut down by ransomware this year.' 

Brian Lord, the former deputy director of GCHQ Cyber and Intelligence, said the attack had been 'inevitable' because firms were 'neglecting basic cyber hygiene'. 

Police at Southport Hospital following the NHS cyber attack yesterday

A spokesman for NHS Digital said: 'At this stage we do not have any evidence that patient data has been accessed. 

'This attack was not specifically targeted at the NHS and is affecting organisations from across a range of sectors.' 

Experts have been warning for months that the NHS was at risk. Gordon Morrison, director of government relations at Intel Security, warned last November that many NHS hospitals used 'antiquated' computer equipment which did not have the latest security programmes. 

Experts estimate roughly a third of NHS trusts had been attacked before last night. 

Last year an investigation revealed that seven NHS trusts, serving more than two million people, spent nothing on cyber security throughout the whole of 2015. 

East and North Herts NHS Trust issued this warning to patients on their website

Sky News, working with security experts, uncovered misconfigured email servers, outdated software and security certificates.

 It also found NHS trusts' emails and passwords were available through public searches. 

In a similar attack, Wichita Heart Hospital in Kansas last year agreed to pay the hackers' fine, but instead of unlocking all of the information, they released only part of it and tried to extort more cash. 

The hospital refused, and has been left permanently locked out of some data. 

Cyber attack Q&A: What happened, why are hospitals vulnerable and didn't the NHS know it was at risk? 

Cyber criminals have unleashed their most dangerous weapon on the NHS – 'ransomware'. CHIEF REPORTER SAM GREENHILL explains.

What happened?

At 1.30pm yesterday, NHS computers came under massive attack from cyber criminals threatening to destroy patient files unless they received a ransom. Staff found computers locked, with a warning that files had been scrambled to make them unintelligible. It gave a one-week deadline to pay up and recover the data – or see it deleted. In response, dozens of NHS Trusts shut down their IT systems – cutting off phone lines and medical machinery.

Who is affected?

At least 37 NHS Trusts have been attacked by the 'Wanna Decryptor' ransomware virus.

What is ransomware?

A malicious virus which infects devices and holds information hostage until a ransom is paid. It can be triggered by a staff member clicking on a link in a malicious email that may look innocent. The virus lies low until it is activated, either by a timer or remotely by the cyber gang.

Blackpool Victoria Hospital is one of many across the country hit - operations have been cancelled and ambulances diverted 

What are the cyber criminals demanding?

The ransom note warns: 'Do not waste your time. Nobody can recover your files without our decryption service.' It demands $300 (£230) worth of the digital currency bitcoins – per computer infected – within three days or the price doubles. If the ransom is not paid by Friday, the files will be wiped 'forever'.

What are bitcoins?

The controversial web currency, dubbed 'geek's gold', recently overtook the value of an ounce of gold. One bitcoin is worth £1,367. They are not physical coins and only exist in cyberspace. Users can remain anonymous, which is why they are often used for illegal activity.

Why are hospitals vulnerable?

Many NHS computers are running very out-of-date software which can have serious security flaws. At least ten health trusts still rely on the Windows XP operating system, released in 2001.

Why target hospitals?

This is viewed as 'unethical' by some hackers, but hospitals are increasingly being seen as easy targets who will pay up quickly because getting systems running is a matter of life and death.

Who are the prime suspects?

Sources said the attack pointed to a criminal network rather than a state. Security insiders have vowed that the Government will not pay a ransom. Hackers in Russia, China, Ukraine and Taiwan have been pioneering ransomware lately.

Didn't the NHS know it was at risk?

Almost a third of NHS trusts have been infected by ransomware, according to the latest edition of the British Medical Journal. Experts have been warning about the risk to the NHS for years. Last year the Papworth Heart Hospital in Cambridge was attacked, but fortunately, a backup had just been completed of its files, meaning the system could be rebooted and the data was safe. The IT director said: 'We were very, very lucky.'

How can attacks be prevented?

Software should be kept up to date. Anti-virus programs can also be used to 'clean' malicious software from a computer. 

Advertisement

Heart surgery I waited ten months for was cancelled at the last minute because of the cyber attack, reveals patient

A heart patient told last night how his long-awaited operation was cancelled because of the cyber attack as he waited to go into the operating theatre.

Patrick Ward, 47, had travelled with his family from his home in Steeple, Dorset, to St Bartholomew's Hospital in Central London for open heart surgery.

He was due to have a septal myectomy, for which he had been waiting ten months.

The surgery involves removing part of the septum – a wall of tissue that separates part of the heart – which is obstructing the flow of blood.

 Patrick Ward, 47, had travelled with his family to St Bartholomew's Hospital in Central London for open heart surgery only to have the operation cancelled

After having his arms and chest shaved and a cannula inserted into the back of his hand, he was ready to go into theatre when his surgeon told him they had to cancel the operation.

'I was told at about 1.30 that there had been a cyber hack and we couldn't proceed today,' he said. 'Apparently if I needed a blood transfusion during the procedure they would need to access files on their database, which they can no longer do.

'They can't tell me when the next available slot is to reschedule, so we'll stay at a hotel in London tonight and head back to Dorset tomorrow.'

Mr Ward, a sales director for an ice cream company, said: 'It's a specialist operation so it could be a while before I get another appointment. What I have isn't life-threatening but it has impacted my life a lot. It's very restricting.

'I think this is one of the few hospitals that can do it, and they only do it on certain days which is why I've had to wait so long to get a date set. It prevents me from doing exercise and I get pains when I walk. I was hoping to be able to play football again after the operation.

'I was supposed to spend a week in hospital recovering. My daughter travelled from Liverpool today to spend the weekend with me.'

Emma Simpson and her son whose appointment was delayed after the attack

Emma Simpson took her son, Sebastian, to Whipps Cross University Hospital in Leytonstone, east London, for an X-ray on his broken toe but was sent home because of the cyber attack.

They had an appointment with an orthopaedic clinic to check that the toe was healing properly.

But when they arrived they were greeted by 'chaos' and told that computers would be down until 'at least Monday'.

'They sent us away and said they would call us with a new appointment,' she told ITV London. 'Lots of people were very disappointed.'

A woman with a suspected blood clot was turned away from the Lister Hospital in Stevenage, Hertfordshire.

Anthony Brett from Bow, east London, was about to have a stent put in his liver to treat his cancer when he was told the procedure could not happen

Janetts Douras originally went to the A&E department on Thursday with the suspected clot but was sent home after six hours and told to return yesterday for a CT scan.

But after an hour she was sent away again with medication that she must inject herself to thin her blood.

She was asked to come back on Monday but said: 'I can't see it happening.' 

The day the screens went dead: NHS staff tell of shock as computers freeze then hospitals plunge into chaos

The screens went blank one by one. Shortly after 1.30pm staff in busy hospital wards, GP surgeries, operating theatres and NHS offices up and down the country sat blinking uncomprehendingly at their screens as their systems went down.

Yesterday stunned doctors, nurses and staff revealed how the NHS was paralysed over a matter of hours from a catastrophic cyber attack.

A spam email set off an irreversible train of events, infecting computers, critical hospital software and finally even the phones went dead.

The NHS has been hit by a major cyber attack and criminals have taken control of computers and cut off phone lines across England, leaving some departments working with pen and paper

One shocked worker at Colchester General Hospital described how her office's computers were 'wiped out, one by one'. 'My computer locked at about 3pm and I couldn't get anything to work. Then my colleague sat next to me said her computer was down. It swept through the office and everyone was affected and didn't know what was going on. One by one the computers were wiped out.'

Tim Dawson, a doctor in a hospital in the North West, said: 'NW hospital computer systems under cyber attack 4 ransom... Sitting in front of a blank screen & can't do any work. Criminal. Poor patients.' Another medic, Chris Lofthouse said: 'Someone has hacked into the computer network at Royal Blackburn Hospital!! Can't give out prescriptions to anyone!!!!'

Nurses and doctors were forced to resort to pen and paper and by 3pm, the only form of communication was hand-held radios. One father, Warren Jones, said staff could not even print out an identity tag for his baby daughter born at 10.30am yesterday. The 24-year-old courier said: 'They don't want to let people go [from the hospital]. It is normal to have two baby tags – we have got no tags. They can't print them out.'

Patients, relatives and friends flocked to social media to vent their fury as patients were told at the last minute their operations were cancelled.

The NHS is investigating 'an issue with IT' amid reports of a cyber attack on its systems

Pharmacist Chris Maguire tweeted: 'All shut down in Yorkshire – even in GP practice. Back to handwriting notes while seeing patients without full histories!' Richard Davidson, a junior doctor in Carlisle, tweeted: 'Clinic in ruins. This is chaos. Why would anyone do this?'

Another doctor posted: 'Massive NHS hack cyber-attack today. Hospital in shut down. Thanks for delaying emergency patient care & endangering lives. A**holes.'

Twitter user fendifile, a doctor based in London, shared a photo of her computer screen following the cyber attack. She added: 'We are in middle of an #nhscyberattack computers now all powered off. Happy Friday. Our emergency surgeries are running doors open, we can access our software but ransomware window pops up every 20-30 seconds so we are slow.'

Patient Mark Pritchard wrote: 'Can't get discharged from Colchester general and my test results inaccessible – all computers down from what I hear.'

Dr Tarek Seda, who works at Kings Mill Hospital in Mansfield, said he had to divert a serious case because of the cyber attack. He told the BBC: 'I had a lady today who has severe back pain which potentially could paralyse her, and we had to divert her to another hospital... for further management.'

And an ambulance driver who works for a subcontractor at London's St Bartholomew's Hospital claimed that another ransomware attack had happened six months previously. He said: 'It's terrible if this has happened again...the system was down for a few days.'