NHS cyber attack: Wales not complacent on future threat
The NHS in Wales was in stronger position to withstand the recent cyber-attack - not because of luck but because it was well prepared, the head of its computer operations has said.
Andrew Griffiths said the joined-up nature of NHS Wales and a £11m computer investment meant fewer vulnerabilities.
His department coordinates computer systems across seven health boards.
Friday's cyber attack disrupted health organisations in England and Scotland.
But speaking exclusively to BBC Wales, Mr Griffiths, director of NHS Wales Informatics Service (NWIS) warned against complacency and said the organisation needed to be vigilant and to continue to invest in cyber-security in the face growing threats.
"We weren't lucky we were prepared and that preparedness stood us in good stead," he said.
"No system is 100% certain but we did have the systems, processes and people in place to make sure the attacks couldn't get through.
"Because we had invested in infrastructure, because we've got a common infrastructure across Wales, we were able to patch more easily and keep up to date; because we were less fragmented it removed a lot of vulnerabilities from the system."
Mr Griffiths praised a superb effort from staff working around the clock to tackle the threat
"I'm immensely proud of on-call colleagues who came in. They called other colleagues - people who weren't on-call to come in.
"There wasn't a question about coming in... and everybody's worked superbly across the NHS. It was a brilliant exercise in cooperation."
But he warned against complacency and said lessons would be learnt.
"Clearly we don't want cyber attacks, clearly we can't be complacent and we have to be vigilant and continue to make the right investments and continue to make sure our processes are working.
"There will be things too learn from this experience. But I think it's a good moment to recognise that planning and the fact we were prepared, that we've invested in common systems and processes have really paid off."
WHAT HAPPENED IN WALES?
- Cardiff-based NWIS first became aware of the cyber attack on Friday. The on-call cyber security team was called in and a major incident room set up. Hundreds of individuals worked over the course of the weekend in shifts around the clock.
- Of 55,000 computers in NHS Wales, six were found to have the virus but it was destroyed before it had an impact. These appear to have been in the Cwm Taf Health Board area.
- About 32 further computers were found to be under attack but resisted because of up-to-date antivirus software. They were removed from the NHS Wales network as a precaution.
- About 40 cancer patients at Velindre in Cardiff had to have appointments for scans postponed by a day due to precautionary work to upgrade software associated with a scanner.
- The original version of the cyber-attack virus has morphed - into a version that's more difficult in to kill off. But NHS Wales Informatics are confident they are "one-step ahead".
- Some older more vulnerable Windows XP machines are still in use in a limited number of places in the Welsh NHS but have been patched up. Ongoing work is continuing to replace them.
- Incoming e-mails into Welsh NHS continue to be blocked but the situation is constantly under reviewed. The block will be removed when experts are confident all NHS Wales computers have up-to date anti-virus software.
First Minister Carwyn Jones, in a statement to the Assembly, said across the wider public sector in Wales, Welsh Government, councils and schools had confirmed that no instances had been reported and no active malware had been found.
"I would like to thank all of the IT Teams across NHS Wales and the wider public sector who have worked tirelessly throughout the weekend to protect our public services," he added.