A cyber attack on the NHS 111 system is thought to have been carried out by a gang of cyber criminals looking for ransom payments.
The Telegraph understands the hackers who targeted Advanced, which supplies software to 85 per cent of NHS 111 services, were part of an organised criminal group looking to shut down the crucial system rather than a hostile state as had been feared.
There has been a sharp rise in ransomware attacks on companies, in which gangs embed malware into IT systems and subsequently demand a ransom for the return of stolen information or for access to a decryption key.
The attack on Advanced left NHS staff across the country forced to use pens and paper, while the public were told to expect delays when calling the hotline.
NHS sources warned that the shutdown could drive patients to overstretched accident and emergency departments over the weekend.
‘Working to fully understand the impact’
Advanced’s Adastra system allows call handlers to send out ambulances, as well as booking out-of-hours emergency prescriptions for patients and urgent appointments.
Over 1,000 care homes using the company’s Caresys software have also been affected, alongside mental health services in the NHS using its record management system.
Steve Barclay, the Health Secretary, said he was being “regularly briefed” about the incident, adding that NHS England had contingency plans in place for affected areas, while disruption to the service was “minimal”.
He added that patients could continue to use the 111 hotline and should call 999 in an emergency.
A spokesman for the UK’s National Cyber Security Centre said: “We are aware of an incident affecting some services provided by Advanced. We are working with the company to fully understand the impact, while supporting the NHS.”
Last month, the head of the UK’s National Cyber Security Centre (NCSC) and the Information Commissioner warned businesses that they risked “incentivising” attacks by cyber crime gangs by meeting ransom demands.