Cyber security incident

15 May 2017 02:24 PM

Our Data Security Centre continues to work around the clock alongside the National Cyber Security Centre, to support NHS organisations that have reported any issues related to this cyber-attack.

In addition to providing 24/7 specialist support, we have issued a number of targeted bulletins to further support, guide and reassure NHS staff with cyber-security responsibilities in their organisations.

NHS Digital is continuing to expand the range of data security services it offers in support of NHS organisations; helping them to take appropriate cyber security measures and respond effectively and safely to cyber security threats.

We continue to alert NHS organisations to known cyber security threats and advise them of appropriate steps to take to minimise these risks, such as in the case of this issue.

In addition to protective real time monitoring of national NHS IT services and systems, which were unaffected by this issue, we are supporting NHS organisations by:

•  undertaking cyber security testing and providing bespoke advice and action points.
•  offering training for their health and care staff to ensure they know the simple steps to help to keep their organisation secure.

It is important to note that the vast majority of NHS organisations report that they are running contemporary IT systems, which are commissioned depending on local need.

However it is true to say that a very small percentage of organisations are still in the process of upgrading all of their devices from older operating systems; but where this is the case there are simple steps that can be taken to protect against cyber threat.

Guidance documentation for NHS organisations impacted by the cyber incident have been distributed via our CareCERT bulletins but can also be accessed here:

Read the latest guidance for the NHS on protecting against the cyber attack

NHS Digital letter explaining patches to protect against cyber attack [292.85Kb]

Technical guide for patching to protect against cyber attack [533.63Kb]

Responses to FAQs on the cyber attack on the NHS 12 May 2017 [408.13Kb]

Technical guidance on reconnecting to networks following precautionary disconnection [104.08Kb]

NHSmail - confirmation it is safe to connect [118.27Kb]

In addition to protective real time monitoring of national NHS IT services and systems, which were unaffected by this issue, we are supporting NHS organisations by:

• undertaking cyber security testing and providing bespoke advice and action points
• offering training for their health and care staff to ensure they know the simple steps to help to keep their organisation secure

If you have questions about whether your organisation is affected or what guidance you should follow locally, please contact your organisation's IT helpdesk.

If you're an IT manager and you believe your organisation is affected and require support or further information, please contact NHS Digital on carecert@nhsdigital.nhs.uk or by calling 0800 0856653.