British technology experts worked through the night to patch the computer systems of the health service after the ransomware worm forced dozens of hospitals to cancel some operations and appointments, Security Minister Ben Wallace said on Monday.
Capitalizing on spying tools believed to have been developed by the U.S. National Security Agency, the virus dubbed WannaCry has blocked more than 200,000 computers across the globe, demanding a ransom to unlock them.
Cyber security experts in the National Health Service (NHS) worked alongside the NationalCyber Security Centre (NCSC), part of the GCHQ spy agency, to patch computer systems after the attack caused widespread problems on Friday, Wallace said.
“They have been working I know through the night almost to make sure patches are in place to make sure that hopefully the NHS services can get back to normal,” he told BBC radio.
Wallace denied that underinvestment in the NHS – a key claim of the opposition Labour Party ahead of the June 8 election – may have left health services exposed to such attacks.
The British government said 48 of 248 health service trusts — the bodies that run the hospitals — in England had been impacted by Friday’s attack. There is concern that family doctors’ surgeries could be struck on Monday when they open.
Britain plans to spend about £120 billion ($155 billion) on the Department of Health in 2017, according to the King’s Fund think tank.
The NHS says it employs more than 1.5 million people, making it one of the world’s biggest employers along with the U.S. Department of Defense, Walmart and the Chinese army.
Wallace said the government used to contract for computer services across the entire NHS but that in 2007 that was stopped and left to the individual trusts.
“It is important to note that the vast majority of NHS organizations report that they are running contemporary IT systems, which are commissioned depending on local need,” the NHS said in a statement.
Microsoft released patches last month and on Friday to fix a vulnerability that allowed the worm to spread across networks.
“The very nature of this particular malware, this sort of ransomware attack, is very potent because unlike more routine ones this one has used a sort of worm to exploit the operating system and bolted on a ransomware so that it spread incredibly quickly in hours not weeks or days,” Wallace said.