The cyber-attack that disrupted NHS systems and forced operations to be cancelled throughout the UK on Saturday has become a bitterly contested election issue, with Labour and the Liberal Democrats blaming the crisis on the government’s failure to upgrade hospital computers.
A Cobra emergency ministerial meeting held on Saturday afternoon heard that 48 NHS organisations – a fifth of the total – were caught up in the attack, which spread to 99 countries.
The shadow health secretary, Jonathan Ashworth, wrote to the health secretary, Jeremy Hunt, saying that concerns had been repeatedly raised about the NHS’s outdated computers.
The Labour leader, Jeremy Corbyn, expressed anger that the government had not renewed a multimillion-pound security package.
“In 2014, there was a one-year renewal of the protection system on the NHS systems which was not renewed and so systems are now not upgraded and not protected,” Corbyn said. “As a result, we’ve got this dreadful situation.”
The Lib Dems demanded an inquiry into why the Conservatives had cut cybersecurity support a year ago when it axed the £5.5m deal with Microsoft.
“We need to get to the bottom of why the government thought cyber-attacks were not a risk, when a combination of warnings and plain common sense should have told ministers that there is a growing and dangerous threat to our cybersecurity,” said Lib Dem home affairs spokesman Brian Paddick.
“It is worrying that in Amber Rudd we have a home secretary in the digital age more suited to the era of analogue,” he said.
“This is not the first time she has looked lost in cyberspace. The government likes to look tough, but this is an example of where it has left Britain defenceless.”
But speaking in Northern Ireland, the prime minister sought to emphasise the global nature of the attack.
“This cyber-attack that has taken place has affected organisations here in the UK but in many countries around the world as well,” Theresa May said.
“Europol has said that it is unprecedented in terms of the scale. The National Cyber Security Centre is working with all organisations here in the UK that have been affected and that’s very important.”
Rudd said that all but six of the NHS trust IT systems that had been hit in the attack were able to function again and dismissed claims that the government was not taking cybersecurity seriously enough.
“This government has long recognised the growing threat of cyber-attack from those who wish to do us harm and has invested significantly to bolster our cyber-defences,” she said.
The Ministry of Defence played down concerns on Saturday that its four Trident-missile carrying submarines are vulnerable to the kind of cyber-attack that created havoc with the NHS.
While the four submarines use Microsoft Windows software which left the NHS exposed, the nuclear submarines have been designed for almost complete isolation when at sea.
The Windows software was installed on the submarines to save money rather than meet the cost of a tailored system.
An MoD spokesperson said: “While we don’t comment on the specific systems used by our submarines, for reasons of security, we have absolute confidence in our independent nuclear deterrent.”
In the wake of Friday’s ransomware attacks, NHS staff painted a picture of chaos at some trusts, as failed computer systems brought electronic communication to a standstill.
Barts, the biggest trust in the NHS, was one of those hit the hardest. On Saturday ambulances were being directed away from the three A&E units it runs at Newham, Whipps Cross and the Royal London hospital. The trust has also had to postpone an undisclosed number of non-urgent operations due this weekend, mainly hip and knee replacements.
Porters were having to take x-rays and CT scans by hand to doctors, resulting in some patients experiencing delays in their diagnosis.
The University Hospitals of the North Midlands trust, which runs hospitals in Stoke and Stafford, said the cyber-attack had resulted in only “minimal impact on clinical services”, but was nonetheless asking patients not to come to its A&E units unless absolutely necessary.
The British Medical Association said some doctors had to “resort to pen and paper” instead of updating patient records digitally.
Dr Mark Porter, BMA council chairman, said: “This cyber-attack on NHS information systems is extremely worrying for patients and the doctors treating them. There have been reports of hospital doctors and GPs unable to access patients’ medical records, appointment booking systems and in some cases having to resort to pen and paper.”
The former NHS Digital chairman Kingsley Manning said a cyber-attack “was always going to happen”. Money earmarked for IT upgrades was sometimes diverted by NHS trusts because “it is very difficult to get individual trusts, even if you provide the money centrally, to actually use that money for this purpose”.
Jan Filochowski, who ran six trusts including Great Ormond Street children’s hospital in London, said: “Most of the NHS IT system is out of date. It’s been behind the curve in terms of investment in IT for years.
“But there’s a real problem in replacing it because the costs are enormous and it would involve major capital expenditure from the Treasury and that has been deeply constrained [in recent years] during the resource squeeze in the NHS.
“To give the NHS the modern IT system it so desperately needs would cost hundreds of millions, and probably billions, and it would take years to do, given the complexity involved.”
Cybersecurity experts say the attacks, launched through a virus called Wanna Decryptor, exploit a vulnerability in Microsoft Windows software that was first identified by the US National Security Agency, which built a specialist hacking tool to exploit it.
The tool was leaked on to the web earlier this year when hackers dumped a cache of NSA files. In March Microsoft issued a special patch to protect Windows users.
But only those who uploaded it were protected from the ransomware attack, in which hackers demanded payment in return for unlocking their victims’ computers.