An independent report into a worm attack at a London NHS Trust has been described as “entirely avoidable” by a leading IT consultant.
The infamous Mytob worm infected 4,700 PCs at Barts and the London NHS Trust on November 17, causing massive disruption to the service and prompting managers to implement emergency procedures to cope with the demand from patients.
The incident was later put under review, with consultants reporting that the incident “could have threatened the well-being of patients and the morale of staff, as well as the long-term reputation of the trust”. The report added that the fact that chaos was averted “reflects positively on the ability of personnel in all parts of the trust to be reactive and flexible in rising to the very considerable challenges that were presented over the seven days of the incident.”
Despite this, the report criticised the “entirely avoidable” error, which was the result of a “substantive failure of the trust’s information governance processes, especially those operational processes in the ICT domain”. The report added that the infection was purely accidental and not malicious.
Around 800 computers of the trust’s 7,000 computers were affected, and the trust is still clearing up “the last remnants” of the problem. A handful of patients had their appointments cancelled and immediately rebooked. Following the removal of the infection, the report said the trust is taking action to improve IT systems to ensure the same thing does not happen again.
Meanwhile, there are further warnings that the Downadup virus, which has already infected around 15m PC’s worldwide, could be unleashed again despite a drop in reported infections. Users are being urged to update their antivirus software regularly to insure that they are best protected.