14 DAY TRIAL //
Computers operated by Barts Health NHS Trust, which is one of the largest NHS trusts in the United Kingdom and owns several London hospitals, were infected with ransomware and several thousands of files were compromised.
The trust continues running Windows XP on its computers, and according to reports, there still are no plans to upgrade to a newer Windows version. It’s not clear if security solutions were running on the compromised computers or not.
In a statement posted on its website, the trust confirms the virus infection and says that it’s already working on recovering after the attack.
"We continue to urgently investigate this matter and have taken a number of drives offline as a precautionary measure. Importantly, we can now rule out ransomware as the root cause," the trust said.
"We have also established that in addition to the Trust’s core clinical system Cerner Millennium, Radiology and imaging from X-rays and scans continue to be used as normal. We have tried and tested contingency plans in place and are making every effort to ensure that patient care will not be affected."
The Windows XP struggle
As far as the reasons for sticking with Windows XP for so long after end of support are concerned, most NHS trusts signed custom support deals with Microsoft to receive updates until the migration to a newer Windows version is complete.
On the other hand, plans to migrate to newer Windows are not yet finalized in the case of most UK health organizations, leaving them vulnerable to attacks such as ransomware infections.
Microsoft itself warns that sticking with Windows XP is no longer secure, and in the case of organizations working with critical data, as is the case of UK NHS trusts, this can expose not only their data but also information belonging to patients in the country.
According to third-party data from market research firms, Windows XP was still running on some 9 percent of PCs across the world, despite the arrival of Windows 10. In most cases, Windows XP holdouts refuse to upgrade because of the high cost of the migration, which often involves new hardware or investments in application compatibility.