Ransomware cyber attack

Ransomware cyber attack

May 12, 2017

Pharmacy teams will be aware from media reports that since Friday 12th May, the computers and IT systems of many individuals and organisations around the world have been affected by ransomware. This includes several NHS organisations, which are being supported by NHS Digital to deal with the issue. 

NHS Digital are working closely with the National Cyber Security Centre, the Department of Health and NHS England and they are regularly updating their website with the latest guidance and news.

Unless otherwise directed by their IT system supplier/helpdesk, pharmacy teams can continue to use EPS, SCR and NHSmail. 

Pharmacy teams should always be suspicious of unsolicited emails and to be especially cautious of attachments or visiting website links within unsolicited emails.

Update – Tuesday 16th May – Some pharmacy contractors have been contacted today by their local NHS England team, who have been seeking assurances that appropriate software patches have been applied to pharmacy computers in response to the ransomware attacks. PSNC discussed these requests with NHS England’s central team, as they were not believed to be appropriate, and a message was subsequently sent this afternoon to NHS England regional incident control centres, advising that it is not necessary to contact pharmacy contractors individually regarding the cyber-attack and advising that pharmacy contractors should contact their system supplier for further advice.

Pharmacy system suppliers usually manage the application of software patches for pharmacy computers and pharmacy teams should therefore seek advice from their system supplier before installing any software patches.

Further information on the ransomware attack and advice on how to prevent such attacks

If you believe your system has been impacted

If you believe a computer has been affected you should immediately disconnect the network cable/switch off WiFi network access and power the computer down, then contact your IT provider’s helpdesk. Always consult your IT provider/helpdesk before taking any action that might affect your system.

If a computer on your network becomes infected with ransomware it will begin encrypting local machine files and files on any network device the logged-in user has permission to access. For system administration accounts this may include backup storage locations.

Further information on NHS IT systems

Information provided by the NHSmail team – NHSmail are aware of the ransomware attack affecting a wide range of organisations. Currently there is no evidence to suggest that NHSmail has been affected in any way and we have had no reports of any patient data being compromised.

All supporting systems that provide the NHSmail service have been fully checked and no evidence of the infected malware has been found.  Our supplier will continue to work with the National Cyber Security Centre, the Department of Health and NHS England to monitor this threat, and adopt the appropriate updates when advised.

CareCERT guidance on NHSmail

Information provided by NHS Digital – N3 – N3 has not been identified as an attack vector. Unaffected and fully patched sites can remain connected to these national systems. There are always threats and vulnerabilities in the wider system so it’s important to have an efficient patching regime and continue to action CareCERT advice.



Posted in:


More Latest News >

Ask PSNC: NUMSAS FAQs

The team at PSNC has received a number of queries on the NHS Urgent Medicine Supply Advanced Service (NUMSAS) since...