The heart sinks whenever Amber Rudd, the home secretary, talks about anything to do with computers. On Saturday, in the wake of the malware attack that has crippled hospital IT systems, she was on Radio 4’s Today programme: “We are ahead of this [attack] with the National Cyber Security Centre (NCSC), the advice is available,” she pronounced proudly, as though putting “national” and “cyber” on something automatically granted it authority.
“Patients have been inconvenienced,” she conceded, “but no patient data has been accessed and the NHS is brilliantly managing through this.”
The lack of access to patient data doesn’t apply just to the hackers, of course; NHS staff couldn’t get at it, either, because many NHS hospitals and GP practices had been hit by ransomware – a specific species of malware that encrypts all the files on your machine using a military-grade cipher, and demands payment in the practically untraceable currency bitcoin to a website on the hidden Tor network. As a business, ransomware works: the number of attacks worldwide has been going up exponentially in the past few years, so that at one point recently a substantial proportion of Tor sites were just payment sites automatically generated by ransomware.