The trust at the centre of a major virus infection has cancelled virtually all of its operations for a third day.
Northern Lincolnshire and Goole NHS Foundation Trust has posted an updated to the major incident alert on its website, saying that all but a handful of procedures have been cancelled for Wednesday, 2 November.
The trust is advising patients that its emergency departments remain open to ambulances. However, it is urging them to only visit “if you absolutely need to” and to otherwise call NHS 111 or an out-of-hours service.
Northern Lincolnshire and Goole has said that its electronic systems were infected by a virus on Sunday, and that “following expert advice” it has “shut down the majority of our systems so we can isolate and destroy it.”
The trust has declared a major incident, and is keeping patients informed of developments via its website and social media. Despite this, it has not said what virus it has been infected by, or what advice it has taken.
A report in one of the local papers serving towns covered by the trust said this morning that it had been told no ransom had been demanded, and no patient details had been accessed.
US organisations have been subject to a wave of so-called ransomware attacks, in which hackers take control of systems and then try to extort organisations to have them restored.
A security company survey has claimed that 28 trusts have suffered ransomware attacks in the past year, but only two have been publicly reported. Both organisations said they did not pay up and were able to restore systems relatively easily from back-ups.
The government is increasingly concerned about cyber attacks on public infrastructure, public services, and the NHS. It re-launched its Cyber Security Strategy, first unveiled in 2011 this morning, and outlined how it would spend a previously announced £1.9 billion on cyber security measures.
In a widely covered speech, Chancellor Philip Hammond said the country must not only be able to defend itself against cyber attacks, but retaliate.
However, the only mention of the NHS in the strategy is a note that it needs to implement the cyber security principles in the Caldicott 3 and CQC reviews of NHS information governance and security earlier this year.
The NHS has already established a careCERT at NHS Digital to advise the NHS on threats and on the best means of response.
The incident at Northern Lincolnshire and Goole is having widespread repercussions. The trust runs three major hospitals itself; Scunthorpe General, Diana Princess of Wales Hospital in Grimsby, and Goole and District Hospital.
But the incident has also affected some systems that it shares with United Lincolnshire Hospitals NHS Trust. The trust has reiterated its apologies to “all patients who are affected.”