You think the NHS cyber-attack was a shock? Wait for this…

May 13, 2017

by Martin Odoni

The cyber-attack that hit National Health Service hospitals yesterday has, inevitably, been twisted by Amber Rudd into a tool with which to add extra pressure onto the Service. Her exhortations to the NHS to ‘learn’ from the attack have more than an echo of clichĂ© about them, to say nothing of diverting from the ongoing funding squeeze in healthcare. With hospitals up and down the land reducing staff and budgets, how exactly they can afford, or find the time, to keep software secure, is a bit of a mystery.

It was all very well Jeremy Hunt, the Health Secretary who makes everybody sick, telling hospitals not to use the 16-year-old Operating System Windows XP on their computers, but he did not really give them the means of getting hold of any of its successors. Licenses for using Microsoft systems on multi-server networks can get very expensive, and they also need substantial IT staff both to get them installed, and to keep them maintained. That costs money, whether Tory dogma likes it or not. (Ending a support deal with Microsoft a couple of years back did nothing to help either.)

So all the details from yesterday are alarming enough, and while I have no doubt indicators will be found that the NHS might have handled it better, squirming and blame-shifting by the Government should not be tolerated.

However, I have reason to worry that yesterday was a symptom of a more ingrained disease. You see, the scariest aspect of NHS cyber-security is not that Windows XP is still being used so widely around the country. No. What is scariest is that I have learned that it is not the oldest OS by any means.

Out of discretion and to protect their job, I cannot reveal who has informed me of this, or where specifically the individual works. I know that might sound like the cover story of an irresponsible rumour-monger, but I will have to ask readers to take this on trust. However, the informant is a specialist working at a hospital in the north-west of England. They state that this hospital still has computers running on – wait for it…

Windows 95.

No, you did not read that incorrectly; there is at least one hospital in the country whose computers are still using an Operating System that was released twenty-two years ago, and for which Microsoft ceased all support at the end of 2001.

Yes, before anybody asks, the computers in question are fully connected to the Internet.

This suggests that the problem of obsolete cyber-security in the NHS may be more deeply-rooted than merely the current mean-fistedness of Austerity Government. Austerity certainly is not helping, in that it delays any attempts to get up-to-date. But the computers in question may have been in use since around the time Tony Blair became Prime Minister way back in 1997. This suggests that the last Labour Government may have also mishandled – perhaps not taken seriously – the important matter of software security.

I can say no more about this at present without compromising the identity of the informant, but to the best of my understanding, what I have been told is almost certainly true.


4 Responses to “You think the NHS cyber-attack was a shock? Wait for this…”

  1. Sophia.George đź’‹ Says:

    Reblogged this on Site Title and commented:
    Wow very objective. And rather alarming. Whoever the next government is (hopefully, Labour for the good of all) really need to concentrate their energies on saving our NHS and seemingly the life support needs to be gaining some form of pump. Disgusting. Under staffed under paid and now under equipped.

    I can’t help but think this could be a right wing attack however. Less than a month before the general election we have a cyber attack?! Seems far fetched and fururistic at best.

  2. I wouldn’t be surprised by that. Trying to operate an up to date IT system in the NHS is very challenging, seen as lesser priority.

    For example, in time that you can book/order everything online, the place I work still send out patient appointment via letters. We are now just to start to develop reminders via text messages. I remember once some managers did a presentation to a patient group about the new appointment confirmation hotline, where you can confirm your hospital appointment over the phone. Unfortunately, the patient group was the local deaf community….

    I know one clinical area which still does handwritten letters. They print out large amount of letter templates, then just write down time and date and address of the patient in them. Takes hours and they make mistakes.

  3. koenigal86 Says:

    A Windows 95 computer connected to the Internet much crash and freeze a helluva a lot and not even be able to load a lot of that modern Web, surely?

Leave a Reply

Please log in using one of these methods to post your comment: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: